CVE-2024-12210
📋 TL;DR
This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to remove the shop logo from WooCommerce delivery notes. It affects all versions of the Print Invoice & Delivery Notes for WooCommerce plugin up to and including 5.4.0. The issue stems from a missing capability check on an AJAX endpoint.
💻 Affected Systems
- Print Invoice & Delivery Notes for WooCommerce WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Malicious authenticated users could deface delivery notes by removing branding, potentially causing confusion or reputational damage to the business.
Likely Case
Low-privilege users removing the shop logo from delivery notes, requiring manual restoration by administrators.
If Mitigated
Minimal impact if proper user access controls and monitoring are in place, with quick detection and restoration.
🎯 Exploit Status
Exploitation requires authenticated access but is simple via crafted AJAX requests. No public exploit code is known, but the vulnerability is straightforward to weaponize.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.4.1
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Print Invoice & Delivery Notes for WooCommerce'.
4. Click 'Update Now' if available, or manually update to version 5.4.1 or later.
5. Verify the plugin version after the update.
🔧 Temporary Workarounds
Temporarily disable the vulnerable AJAX endpoint
Add the following to the theme's functions.php or to a custom plugin to unhook the vulnerable AJAX action handler. remove_action() only succeeds if the callback name and priority match what the plugin registered (the default priority is 10) and if it runs after the plugin has added the hook, hence the late priority on 'init':
add_action('init', function() {
    // Unhook the plugin's handler; the priority argument must match the one it was registered with.
    remove_action('wp_ajax_wcdn_remove_shoplogo', 'wcdn_remove_shoplogo', 10);
}, 99);
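An alternative workaround that adds the missing capability check in front of the endpoint instead of unhooking it, as an added example (not code from the plugin or the advisory). It assumes WooCommerce's manage_woocommerce capability is the right bar for this action; the function name wcdn_gate_remove_shoplogo is hypothetical.

```php
<?php
/**
 * Plugin Name: Capability gate for wcdn_remove_shoplogo
 * Description: Constructed example, not the plugin's own code. Drop into wp-content/mu-plugins/.
 */

// Priority 0 runs before the plugin's own handler (default priority 10), whether that
// handler is a plain function or a class method, so its callback name need not be known.
add_action( 'wp_ajax_wcdn_remove_shoplogo', 'wcdn_gate_remove_shoplogo', 0 );

function wcdn_gate_remove_shoplogo() {
    // manage_woocommerce is granted to Shop Managers and Administrators; a Subscriber lacks it.
    if ( current_user_can( 'manage_woocommerce' ) ) {
        return; // authorised: fall through to the plugin's handler
    }

    // Leave an audit trail matching the advisory's log indicators (action, user, role, source).
    error_log( sprintf(
        'Blocked wcdn_remove_shoplogo: user %d roles=%s ip=%s',
        get_current_user_id(),
        implode( ',', wp_get_current_user()->roles ),
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
    ) );

    // wp_send_json_error() ends the request via wp_die(), so the plugin's handler never runs.
    wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
}
```

Unlike remove_action(), this keeps the legitimate admin function working and does not depend on matching the plugin's callback name or priority.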
🧯 If You Can't Patch
- Restrict user roles: Ensure only trusted users have Subscriber or higher roles, or implement additional authentication for AJAX actions.
- Monitor and audit: Enable WordPress audit logging to detect unauthorized logo removal attempts and review user activities regularly.
🔍 How to Verify
Check if Vulnerable:
Check the plugin version in WordPress admin under Plugins > Installed Plugins. If version is 5.4.0 or lower, it is vulnerable.
Check Version:
The --name filter of wp plugin list matches the plugin slug (its directory name), not the display title, so list titles with versions and filter on the title instead:
wp plugin list --fields=title,version | grep -i 'Delivery Notes'
Verify Fix Applied:
After updating, confirm the plugin version is 5.4.1 or higher in the Plugins list. Test logo removal functionality with a Subscriber account to ensure it fails.
📡 Detection & Monitoring
Log Indicators:
- WordPress audit logs showing AJAX requests to 'admin-ajax.php' with action 'wcdn_remove_shoplogo' from non-admin users.
- Unexpected changes to shop logo settings in plugin configuration.
Network Indicators:
- HTTP POST requests to /wp-admin/admin-ajax.php with parameter 'action=wcdn_remove_shoplogo' from authenticated sessions.
SIEM Query:
source="wordpress" AND url="/wp-admin/admin-ajax.php" AND action="wcdn_remove_shoplogo" AND user_role!="administrator"