Popular Plugin for WooCommerce Patches Vulnerability

Posted by

The Popular WooCommerce Booster plugin patched a Shown Cross-Site Scripting vulnerability, affecting as much as 70,000+ websites utilizing the plugin.

Booster for WooCommerce Vulnerability

Booster for WooCommerce is a popular all-in-one WordPress plugin that provides over 100 functions for tailoring WooCommerce shops.

The modular bundle uses all of the most vital functionalities necessary to run an ecommerce shop such as a custom-made payment gateways, shopping cart personalization, and tailored cost labels and buttons.

Reflected Cross Website Scripting (XSS)

A reflected cross-site scripting vulnerability on WordPress usually happens when an input anticipates something particular (like an image upload or text) however permits other inputs, consisting of malicious scripts.

An enemy can then execute scripts on a website visitor’s web browser.

If the user is an admin then there can be a capacity for the assaulter taking the admin qualifications and taking over the website.

The non-profit Open Web Application Security Task (OWASP) explains this sort of vulnerability:

“Reflected attacks are those where the injected script is reflected off the web server, such as in a mistake message, search results page, or any other reaction that includes some or all of the input sent to the server as part of the demand.

Reflected attacks are provided to victims through another path, such as in an e-mail message, or on some other website.

… XSS can trigger a variety of problems for the end user that vary in intensity from an annoyance to finish account compromise.”

Since this time the vulnerability has actually not been designated an intensity ranking.

This is the official description of the vulnerability by the U.S. Government National Vulnerability Database:

“The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin prior to 6.0.0, Booster Elite for WooCommerce WordPress plugin prior to 6.0.0 do not leave some URLs and criteria prior to outputting them back in characteristics, resulting in Reflected Cross-Site Scripting.”

What that implies is that the vulnerability involves a failure to “escape some URLs,” which means to encode them in special characters (called ASCII).

Getting away URLs means encoding URLs in an anticipated format. So if a URL with a blank area is come across a website might encoded that URL using the ASCII characters “%20” to represent the encoded blank area.

It’s this failure to correctly encode URLs which enables an attacker to input something else, probably a malicious script although it could be something else like a redirection to destructive website.

Changelog Records Vulnerabilities

The plugins official log of software updates (called a Changelog) refers to a Cross Website Demand Forgery vulnerability.

The free Booster for WooCommerce plugin changelog contains the following notation for variation 6.0.1:

“FIXED– EMAILS & MISC.– General– Fixed CSRF concern for Booster User Roles Changer.

REPAIRED– Added Security vulnerability repairs.”

Users of the plugin must think about upgrading to the extremely latest variation of the plugin.

Citations

Check out the advisory at the U.S. Government National Vulnerability Database

CVE-2022-4227 Information

Check out a summary of the vulnerability at the WPScan website

Booster for WooCommerce– Shown Cross-Site Scripting

Featured image by Best SMM Panel/Asier Romero