CVE-2024-13715
📋 TL;DR
The zStore Manager Basic WordPress plugin has a missing capability check vulnerability that allows authenticated users with Subscriber-level access or higher to clear the plugin's cache. This affects all versions up to and including 3.311, potentially causing service disruption for WordPress sites using this plugin.
💻 Affected Systems
- zStore Manager Basic WordPress plugin
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers could repeatedly clear cache causing performance degradation, service disruption, or triggering cascading failures if cache clearing affects critical functionality.
Likely Case
Minimal service disruption through cache clearing, potentially affecting site performance temporarily until cache rebuilds.
If Mitigated
No impact if proper access controls are implemented or plugin is updated.
🎯 Exploit Status
Exploitation requires an authenticated account (Subscriber-level or higher) but is technically simple: the attacker only needs to call the vulnerable function with the expected parameters.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after 3.311
Vendor Advisory: https://plugins.trac.wordpress.org/browser/zstore-manager-basic/trunk/zstore-manager.php#L441
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find zStore Manager Basic.
4. Click 'Update Now' if available, or download the latest version from the WordPress plugin repository.
5. Replace the plugin files with the updated version.
🔧 Temporary Workarounds
Remove vulnerable plugin
Temporarily disable or remove the zStore Manager Basic plugin until patched.
wp plugin deactivate zstore-manager-basic
wp plugin delete zstore-manager-basic
Restrict user roles
Temporarily restrict Subscriber and other low-privilege user roles from accessing the site.
# Strip every role from each Subscriber account (xargs -I is required for the {} placeholder;
# `wp user remove-role <id>` with no role given removes all of the user's roles)
wp user list --role=subscriber --field=ID | xargs -I {} wp user remove-role {}
🧯 If You Can't Patch
- Implement web application firewall rules that block requests to /wp-admin/admin-ajax.php whose action parameter is zstore_clear_cache unless they come from an administrator session.
- Monitor and alert on cache clearing activities from non-admin users.
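A temporary server-side mitigation, added here as an example and not part of zStore Manager Basic or its official fix: a must-use plugin that intercepts the admin-ajax request before the plugin's handler runs, logs the attempt for the detection indicators below, and refuses it unless the caller is an administrator. It assumes the handler is reached via admin-ajax.php with action=zstore_clear_cache (as described in this advisory) and uses manage_options as the required capability, which is an assumption rather than the vendor's choice.

```php
<?php
/**
 * Plugin Name: Block unauthorised zstore_clear_cache (temporary mitigation for CVE-2024-13715)
 * Description: Added example mu-plugin, not vendor code. Place in wp-content/mu-plugins/ and remove after patching.
 */

// Assumption: the vulnerable handler is invoked through admin-ajax.php?action=zstore_clear_cache.
// Assumption: 'manage_options' (administrators) is the capability that should be required.
add_action( 'admin_init', function () {
    // admin-ajax.php fires admin_init before dispatching wp_ajax_{action} hooks,
    // so priority 0 here runs ahead of the plugin's own handler.
    if ( ! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
        return;
    }

    $action = isset( $_REQUEST['action'] ) ? sanitize_key( wp_unslash( $_REQUEST['action'] ) ) : '';
    if ( 'zstore_clear_cache' !== $action ) {
        return;
    }

    if ( current_user_can( 'manage_options' ) ) {
        return; // administrators keep the legitimate cache-clearing function
    }

    // Record the attempt so it shows up under "Unusual cache clearing events from non-admin users".
    $user  = wp_get_current_user();
    $roles = $user->roles ? implode( ',', $user->roles ) : 'none';
    $ip    = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
    error_log( sprintf(
        'CVE-2024-13715 mitigation: blocked zstore_clear_cache from user #%d (roles: %s) at %s',
        $user->ID,
        $roles,
        $ip
    ) );

    // Refuse the request with a JSON error and HTTP 403 before the cache is touched.
    wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
}, 0 );
```

The blocked requests are written to the PHP error log, which can be forwarded to the SIEM query given under Detection & Monitoring.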
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → zStore Manager Basic → Version. If version is 3.311 or lower, system is vulnerable.
Check Version:
wp plugin get zstore-manager-basic --field=version
Verify Fix Applied:
Verify plugin version is higher than 3.311 in WordPress admin panel or check that the zstore_clear_cache() function now includes proper capability checks.
📡 Detection & Monitoring
Log Indicators:
- Unusual cache clearing events from non-admin users
- Multiple POST requests to admin-ajax.php with action=zstore_clear_cache from low-privilege accounts
Network Indicators:
- HTTP POST requests to /wp-admin/admin-ajax.php with action parameter containing 'zstore_clear_cache'
SIEM Query:
source="wordpress_logs" action="zstore_clear_cache" user_role!="administrator"