CVE-2024-43350
📋 TL;DR
This vulnerability allows attackers to bypass authorization controls in Propovoice CRM by manipulating user-controlled keys, enabling unauthorized access to data or functions. It affects all WordPress installations using Propovoice CRM plugin versions up to 1.7.6.4.
💻 Affected Systems
- Propovoice CRM WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could access, modify, or delete sensitive CRM data belonging to other users, potentially exposing confidential business information or enabling data manipulation.
Likely Case
Unauthorized viewing of other users' CRM data, potentially including contact information, communications, and business records.
If Mitigated
With proper access controls and input validation, impact would be limited to attempted unauthorized access that gets blocked.
🎯 Exploit Status
Exploitation requires some level of access to the application but doesn't require administrative privileges.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.7.6.5 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find Propovoice CRM. 4. Click 'Update Now' if available. 5. Alternatively, download latest version from WordPress repository and manually update.
🔧 Temporary Workarounds
Temporary Plugin Deactivation
allDisable the vulnerable plugin until patched
Access Restriction
allRestrict access to WordPress admin interface using IP whitelisting or firewall rules
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to detect and block IDOR patterns
- Enable detailed logging and monitoring for unauthorized access attempts to sensitive endpoints
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Propovoice CRM version. If version is 1.7.6.4 or earlier, system is vulnerable.Check Version:
wp plugin list --name=propovoice --field=versionVerify Fix Applied:
Verify plugin version is 1.7.6.5 or later in WordPress admin panel.📡 Detection & Monitoring
Log Indicators:
- Unusual access patterns to CRM endpoints, especially parameter manipulation in URLs
Network Indicators:
- HTTP requests with manipulated object IDs or keys in parameters
SIEM Query:
source="wordpress" AND (uri_path="*propovoice*" OR plugin="propovoice") AND (status_code=200 OR status_code=403) AND (parameter_contains="id" OR parameter_contains="key")