CVE-2023-3125: 
WordPress vulnerability analysis and mitigation

The B2BKing plugin for WordPress (14,000+ installs) contains a missing capability check vulnerability (CVE-2023-3125) in versions up to and including 4.6.00. The vulnerability was discovered on June 3, 2023 and allows authenticated attackers with subscriber or customer-level permissions to modify the pricing of any product on the site (NinTechNet Blog).

The vulnerability exists in the 'b2bkingsavepriceimport' function which lacks proper capability checks. The function is accessible via WordPress AJAX API and only verifies the b2bkingsecuritynonce nonce without checking user capabilities. The nonce leaks in the page source of the WordPress dashboard because it is loaded via the adminenqueue_scripts hook. This allows customers to download a CSV file containing product prices, modify it, and reupload it to change product prices (NinTechNet Blog). The vulnerability has a CVSS v3.1 score of 6.5 (Medium) (Wordfence).

The vulnerability allows authenticated attackers with subscriber or customer-level permissions to modify the pricing of any product on the affected WordPress site. This could lead to unauthorized price modifications and potential financial impact for the store owners (NinTechNet Blog).

The vulnerability was fixed in version 4.6.20 released on May 27, 2023. Site administrators should update to this version or later immediately. Users of NinjaFirewall WP Edition (free) and NinjaFirewall WP+ Edition (premium) are protected against this vulnerability (NinTechNet Blog, WooCommerce Changelog).