CVE-2024-0797: CWE-862 Missing Authorization in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store

Medium
Published: Mon Feb 05 2024 (02/05/2024, 21:21:32 UTC)
Source: CVE
Vendor/Project: realmag777
Product: Active Products Tables for WooCommerce. Professional products tables for WooCommerce store

Description

The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for subscribers and higher to execute functions intended for admin use.

AI-Powered Analysis

Last updated: 07/04/2025, 18:43:27 UTC

Technical Analysis

CVE-2024-0797 is a missing-authorization flaw (CWE-862) in the WordPress plugin 'Active Products Tables for WooCommerce. Professional products tables for WooCommerce store' by realmag777, which adds configurable product tables to WooCommerce stores. Several of the plugin's functions lack a capability check, so any authenticated user with the subscriber role or higher can execute functions that are meant for administrators only. In WordPress, authorization is enforced per function, normally with a current_user_can() check; a function that omits it is gated only by the requirement to be logged in, which is the situation here. Depending on what the affected functions do, a low-privileged user can modify product-table configuration or data that should be under administrator control. All versions up to and including 1.0.6.1 are affected; the advisory does not state a fixed version and links no patch. The CVSS v3.1 base score is 4.3 (Medium), vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N: reachable over the network, low attack complexity, requires a low-privileged account, no user interaction, unchanged scope, low integrity impact, no confidentiality or availability impact. No exploitation in the wild was known at publication. The CVE was assigned by Wordfence, published on February 5, 2024, and has since been enriched by CISA.
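The flaw class is easiest to see in code. The following is an added illustration, not code from the realmag777 plugin: the advisory names neither the affected functions nor how they are exposed, so it assumes the admin-only function is reachable through a wp_ajax_ hook (which, like most plugin entry points, only requires the caller to be logged in) and that it stores a table configuration in an option. Every function, action and option name here (apt_example_...) is a placeholder, and the choice of manage_woocommerce as the required capability is likewise an assumption.

```php
<?php
/*
 * Added illustration of the CWE-862 pattern behind CVE-2024-0797.
 * Not the plugin's code: the advisory names neither the affected functions nor
 * their entry points. Assumed here: the admin-only function is hooked via
 * wp_ajax_ (callable by any logged-in user through admin-ajax.php) and it
 * persists a table configuration in an option. All apt_example_* names are
 * placeholders.
 */

// Vulnerable pattern: hooked for every logged-in user, no capability check.
function apt_example_save_table_vulnerable() {
    // wp_ajax_ only requires an authenticated session, so a subscriber reaches
    // this point. Nothing checks the caller's role, and there is no nonce.
    $settings = isset( $_POST['settings'] ) ? wp_unslash( $_POST['settings'] ) : array();
    update_option( 'apt_example_table_settings', $settings );
    wp_send_json_success();
}
add_action( 'wp_ajax_apt_example_save_table', 'apt_example_save_table_vulnerable' );

// Hardened pattern: nonce and capability check before any state change.
function apt_example_save_table_fixed() {
    // CSRF protection: the request must carry a nonce minted for this action
    // (wp_create_nonce( 'apt_example_save_table' ) on the admin page).
    check_ajax_referer( 'apt_example_save_table', 'nonce' );

    // Authorization (the missing CWE-862 check): manage_woocommerce is held by
    // shop managers and administrators; subscribers do not have it. Use
    // manage_options instead if the function should be administrator-only.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions' ), 403 );
    }

    // Sanitize before persisting; map_deep handles nested arrays.
    $settings = isset( $_POST['settings'] ) && is_array( $_POST['settings'] )
        ? map_deep( wp_unslash( $_POST['settings'] ), 'sanitize_text_field' )
        : array();
    update_option( 'apt_example_table_settings', $settings );
    wp_send_json_success( array( 'saved' => count( $settings ) ) );
}
add_action( 'wp_ajax_apt_example_save_table_fixed', 'apt_example_save_table_fixed' );
```

The two handlers use different action names only so they can sit side by side for comparison; a real fix replaces the vulnerable handler rather than keeping it. A quick audit of any plugin is to list its add_action('wp_ajax_...') registrations and confirm that each callback calls current_user_can() (and check_ajax_referer()) before doing anything; a handler registered on wp_ajax_nopriv_ is reachable without logging in at all and needs the same scrutiny.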

Potential Impact

For European organizations running WooCommerce with this plugin, the risk is to the integrity of product-table data: an authenticated subscriber-level user can call administrative functions and change table configuration or content that should be administrator-controlled, so customers may be shown wrong availability, prices or descriptions. Confidentiality and availability are not directly affected, but an integrity loss in a storefront translates into lost sales, customer confusion and reputational damage, and could serve as a stepping stone for further abuse such as injecting malicious content into the store or disrupting order processing. WooCommerce is widely used by European SMEs, so exposure is common. Exploitation needs no user interaction and is low in complexity, so it is easy to script once the affected functions are known. The prerequisite of a subscriber-level account limits exposure to authenticated users; note, however, that a WordPress site with 'Anyone can register' enabled assigns the subscriber role to new accounts by default, so on such sites this prerequisite is trivially met.

Mitigation Recommendations

European organizations should audit their WordPress installations for the 'Active Products Tables for WooCommerce. Professional products tables for WooCommerce store' plugin and record the installed version; anything at or below 1.0.6.1 is affected. Until an official fix is applied, the following mitigations target this vulnerability's exploitation path, which requires an authenticated low-privileged account:

1) Reduce the pool of low-privileged accounts: disable open registration if it is not needed, and review existing subscriber-level accounts for legitimacy.
2) Deactivate the plugin if it is not essential to operations.
3) Enforce an additional authorization layer outside the plugin, for example a must-use plugin that denies the plugin's administrative actions to users lacking the appropriate capability, so that the missing check is supplied before the plugin's code runs.
4) Monitor logs for activity from subscriber-level accounts against admin-ajax.php, admin-post.php and the plugin's admin pages, focusing on product-table modifications.
5) Restrict access to the WordPress admin area and plugin endpoints by IP allow-listing or VPN where feasible; note that admin-ajax.php is also used by front-end features, so test before blocking it wholesale.
6) Follow vendor announcements and apply the official update as soon as it is available.
7) Deploy a Web Application Firewall with rules that block authenticated, non-administrator requests to the plugin's administrative actions.
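Mitigation 3, an authorization layer enforced from outside the plugin, can be implemented as a must-use plugin. This is an added example and not vendor code: because the advisory does not name the affected functions, the action names in APT_VP_GUARDED_ACTIONS are placeholders to be replaced with the actions the installed plugin registers via add_action('wp_ajax_...') or add_action('admin_post_...'); the required capability (manage_options) and the use of error_log() as the log destination are also assumptions. It covers mitigation 4 as well, by logging every denied attempt with the user id and roles.

```php
<?php
/*
 * Plugin Name: Virtual patch example for CVE-2024-0797
 * Description: Added example of an external authorization guard. Place in
 *   wp-content/mu-plugins/ so it loads before regular plugins. NOT vendor code.
 *   The action names below are PLACEHOLDERS: fill them from the installed
 *   plugin's add_action( 'wp_ajax_...' ) / add_action( 'admin_post_...' ) calls.
 */

// Placeholder list of request actions that must be administrator-only.
const APT_VP_GUARDED_ACTIONS = array(
    'apt_example_save_table',
    'apt_example_delete_table',
);

// Capability the caller must hold; manage_options means administrators only.
const APT_VP_REQUIRED_CAP = 'manage_options';

function apt_vp_guard_request() {
    // Only requests naming one of the guarded actions are of interest.
    // Compared as a plain string so action names with uppercase are not mangled.
    $action = isset( $_REQUEST['action'] ) ? (string) wp_unslash( $_REQUEST['action'] ) : '';
    if ( '' === $action || ! in_array( $action, APT_VP_GUARDED_ACTIONS, true ) ) {
        return;
    }
    if ( current_user_can( APT_VP_REQUIRED_CAP ) ) {
        return; // Authorized caller: let the plugin's handler run.
    }

    // Mitigation 4: record who tried, so subscriber-level abuse is visible.
    $user = wp_get_current_user();
    error_log( sprintf(
        'CVE-2024-0797 guard: denied action "%s" for user #%d (%s) from %s',
        $action,
        $user->ID,
        implode( ',', (array) $user->roles ),
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
    ) );

    // Abort before the plugin's wp_ajax_/admin_post_ handler is reached.
    if ( wp_doing_ajax() ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }
    wp_die( 'Forbidden', 'Forbidden', array( 'response' => 403 ) );
}

// admin_init fires in admin-ajax.php and admin-post.php before the
// wp_ajax_{action} / admin_post_{action} hooks, so priority 0 runs the guard
// ahead of the plugin's own callback.
add_action( 'admin_init', 'apt_vp_guard_request', 0 );
```

This guard is a stopgap, not a substitute for the vendor fix: it only covers the actions listed, so a function exposed under a name you did not enumerate stays reachable. Keep it in place until the plugin is updated past 1.0.6.1 and verify after updating that the denied-attempt log entries stop, which confirms the guard is no longer the only thing blocking those calls.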

Technical Details

Data Version: 5.1
Assigner Short Name: Wordfence
Date Reserved: 2024-01-22T22:26:16.095Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Added to database: 5/20/2025, 6:59:06 PM

Last enriched: 7/4/2025, 6:43:27 PM

Last updated: 7/26/2025, 5:50:25 AM
