CVEs-PoC/2021/CVE-2021-4337.md
2025-09-29 21:09:30 +02:00

### [CVE-2021-4337](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4337)
![](https://img.shields.io/static/v1?label=Product&message=Add%20Product%20Tabs%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Autopilot%20SEO%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Bulk%20Add%20to%20Cart%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Comment%20and%20Review%20Spam%20Control%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Floating%20Cart%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Improved%20Product%20Options%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Improved%20Sale%20Badges%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Live%20Product%20Editor%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Live%20Search%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Package%20Quantity%20Discount&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Price%20Commander%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Product%20Filter%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Product%20Loops%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Share%2C%20Print%20and%20PDF%20Products%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Warranties%20and%20Returns%20for%20WooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=XforWooCommerce&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=*%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brightgreen)
### Description
Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wp_ajax_svx_ajax_factory function in the versions listed below. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to read, edit, or delete WordPress settings, plugin settings, and to arbitrarily list all users on a WordPress website. The plugins impacted are:
- Product Filter for WooCommerce < 8.2.0
- Improved Product Options for WooCommerce < 5.3.0
- Improved Sale Badges for WooCommerce < 4.4.0
- Share, Print and PDF Products for WooCommerce < 2.8.0
- Product Loops for WooCommerce < 1.7.0
- XforWooCommerce < 1.7.0
- Package Quantity Discount < 1.2.0
- Price Commander for WooCommerce < 1.3.0
- Comment and Review Spam Control for WooCommerce < 1.5.0
- Add Product Tabs for WooCommerce < 1.5.0
- Autopilot SEO for WooCommerce < 1.6.0
- Floating Cart < 1.3.0
- Live Search for WooCommerce < 2.1.0
- Bulk Add to Cart for WooCommerce < 1.3.0
- Live Product Editor for WooCommerce < 4.7.0
- Warranties and Returns for WooCommerce < 5.3.0
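As an added illustration of the CWE-862 pattern described above (example code, not the plugins' own), a WordPress admin-ajax handler registered on the `wp_ajax_svx_ajax_factory` hook that performs the capability check whose absence the advisory describes; the hook name comes from the description, while the function name, nonce action, operation names and option names are hypothetical.

```php
<?php
// Added example, not XforWooCommerce code. Hypothetical handler on the
// wp_ajax_svx_ajax_factory hook showing the authorization checks whose absence
// CVE-2021-4337 describes: wp_ajax_* actions run for every logged-in user
// (subscriber and up), so authorization must be enforced inside the handler.
add_action( 'wp_ajax_svx_ajax_factory', 'example_svx_ajax_factory' );

function example_svx_ajax_factory() {
    // 1. CSRF: the request must carry a nonce issued for this action
    //    (hypothetical nonce action 'example_svx_factory').
    check_ajax_referer( 'example_svx_factory', 'nonce' );

    // 2. Authorization (the missing check): reading or changing site/plugin
    //    settings is an administrator operation, so require manage_options
    //    before touching any option. Respond 403 and stop otherwise.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $op = isset( $_POST['op'] ) ? sanitize_key( wp_unslash( $_POST['op'] ) ) : '';
    switch ( $op ) {
        case 'get_option':
            $name = sanitize_key( wp_unslash( $_POST['name'] ?? '' ) );
            // Allowlist the options this endpoint may read; never accept arbitrary names.
            if ( ! in_array( $name, example_svx_allowed_options(), true ) ) {
                wp_send_json_error( array( 'message' => 'Option not permitted.' ), 400 );
            }
            wp_send_json_success( array( 'value' => get_option( $name ) ) );
            break;

        case 'update_option':
            $name  = sanitize_key( wp_unslash( $_POST['name'] ?? '' ) );
            $value = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );
            if ( ! in_array( $name, example_svx_allowed_options(), true ) ) {
                wp_send_json_error( array( 'message' => 'Option not permitted.' ), 400 );
            }
            update_option( $name, $value );
            wp_send_json_success();
            break;

        default:
            wp_send_json_error( array( 'message' => 'Unknown operation.' ), 400 );
    }
}

// Hypothetical allowlist of plugin-owned option names the handler may touch.
function example_svx_allowed_options() {
    return array( 'example_svx_badge_text', 'example_svx_filter_layout' );
}
```

The same three controls (nonce, capability check, option allowlist) apply to any operation the handler exposes, including user listing, which should additionally require the `list_users` capability.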
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/20142995/nuclei-templates