Popular Plugin for WooCommerce Patches Vulnerability

Posted by

The Popular WooCommerce Booster plugin covered a Reflected Cross-Site Scripting vulnerability, impacting up to 70,000+ sites using the plugin.

Booster for WooCommerce Vulnerability

Booster for WooCommerce is a popular all-in-one WordPress plugin that provides over 100 functions for customizing WooCommerce stores.

The modular bundle provides all of the most vital performances required to run an ecommerce shop such as a customized payment entrances, shopping cart personalization, and customized cost labels and buttons.

Reflected Cross Site Scripting (XSS)

A reflected cross-site scripting vulnerability on WordPress generally takes place when an input anticipates something specific (like an image upload or text) however enables other inputs, including destructive scripts.

An assaulter can then execute scripts on a website visitor’s internet browser.

If the user is an admin then there can be a potential for the enemy taking the admin credentials and taking over the website.

The non-profit Open Web Application Security Task (OWASP) explains this sort of vulnerability:

“Reflected attacks are those where the injected script is shown off the web server, such as in a mistake message, search result, or any other response that includes some or all of the input sent to the server as part of the demand.

Shown attacks are delivered to victims through another path, such as in an e-mail message, or on some other site.

… XSS can cause a range of issues for completion user that range in seriousness from an annoyance to finish account compromise.”

As of this time the vulnerability has not been assigned a severity rating.

This is the main description of the vulnerability by the U.S. Federal Government National Vulnerability Database:

“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not leave some URLs and criteria before outputting them back in characteristics, leading to Shown Cross-Site Scripting.”

What that means is that the vulnerability includes a failure to “escape some URLs,” which means to encode them in special characters (called ASCII).

Leaving URLs implies encoding URLs in an expected format. So if a URL with a blank space is experienced a site might encoded that URL utilizing the ASCII characters “%20” to represent the encoded blank area.

It’s this failure to properly encode URLs which permits an assaulter to input something else, probably a destructive script although it might be something else like a redirection to harmful site.

Changelog Records Vulnerabilities

The plugins main log of software updates (called a Changelog) refers to a Cross Site Request Forgery vulnerability.

The totally free Booster for WooCommerce plugin changelog consists of the following notation for version 6.0.1:

“REPAIRED– EMAILS & MISC.– General– Repaired CSRF issue for Booster User Roles Changer.

FIXED– Included Security vulnerability repairs.”

Users of the plugin must consider upgrading to the really newest variation of the plugin.

Citations

Read the advisory at the U.S. Federal Government National Vulnerability Database

CVE-2022-4227 Detail

Check out a summary of the vulnerability at the WPScan website

Booster for WooCommerce– Shown Cross-Site Scripting

Included image by SMM Panel/Asier Romero