Popular Plugin for WooCommerce Patches Vulnerability

Posted by

The Popular WooCommerce Booster plugin covered a Reflected Cross-Site Scripting vulnerability, impacting approximately 70,000+ websites using the plugin.

Booster for WooCommerce Vulnerability

Booster for WooCommerce is a popular all-in-one WordPress plugin that offers over 100 functions for personalizing WooCommerce stores.

The modular bundle offers all of the most vital functionalities necessary to run an ecommerce shop such as a custom-made payment entrances, shopping cart customization, and customized price labels and buttons.

Reflected Cross Site Scripting (XSS)

A showed cross-site scripting vulnerability on WordPress usually happens when an input anticipates something specific (like an image upload or text) however allows other inputs, including malicious scripts.

An assaulter can then perform scripts on a website visitor’s browser.

If the user is an admin then there can be a capacity for the assailant taking the admin qualifications and taking over the site.

The non-profit Open Web Application Security Project (OWASP) describes this sort of vulnerability:

“Shown attacks are those where the injected script is shown off the web server, such as in an error message, search result, or any other action that includes some or all of the input sent to the server as part of the demand.

Reflected attacks are delivered to victims by means of another path, such as in an e-mail message, or on some other website.

… XSS can cause a range of issues for the end user that vary in severity from an inconvenience to complete account compromise.”

Since this time the vulnerability has actually not been appointed an intensity rating.

This is the main description of the vulnerability by the U.S. Government National Vulnerability Database:

“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not get away some URLs and parameters before outputting them back in characteristics, resulting in Reflected Cross-Site Scripting.”

What that implies is that the vulnerability includes a failure to “escape some URLs,” which suggests to encode them in special characters (called ASCII).

Escaping URLs suggests encoding URLs in an anticipated format. So if a URL with a blank space is experienced a website might encoded that URL using the ASCII characters “%20” to represent the encoded blank space.

It’s this failure to appropriately encode URLs which allows an aggressor to input something else, probably a harmful script although it might be something else like a redirection to malicious site.

Changelog Records Vulnerabilities

The plugins main log of software updates (called a Changelog) makes reference to a Cross Site Demand Forgery vulnerability.

The free Booster for WooCommerce plugin changelog consists of the following notation for version 6.0.1:

“REPAIRED– EMAILS & MISC.– General– Repaired CSRF issue for Booster User Roles Changer.

REPAIRED– Included Security vulnerability repairs.”

Users of the plugin need to consider upgrading to the extremely newest variation of the plugin.

Citations

Read the advisory at the U.S. Federal Government National Vulnerability Database

CVE-2022-4227 Information

Read a summary of the vulnerability at the WPScan site

Booster for WooCommerce– Shown Cross-Site Scripting

Featured image by SMM Panel/Asier Romero