The popular WooCommerce Booster plugin patched a Reflected Cross-Site Scripting vulnerability, affecting as many as 70,000+ websites using the plugin.
Booster for WooCommerce Vulnerability
Booster for WooCommerce is a popular all-in-one WordPress plugin that provides over 100 functions for customizing WooCommerce stores.
The modular package offers all of the most important functionalities required to run an ecommerce store, such as custom payment gateways, shopping cart customization, and customized price labels and buttons.
Reflected Cross-Site Scripting (XSS)
A reflected cross-site scripting vulnerability on WordPress generally happens when an input expects something specific (like an image upload or text) but allows other inputs, including malicious scripts.
An attacker can then execute scripts in a site visitor’s web browser.
If the user is an admin, there is a potential for the attacker to steal the admin credentials and take over the site.
The non-profit Open Web Application Security Project (OWASP) explains this kind of vulnerability:
“Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request.
Reflected attacks are delivered to victims via another route, such as in an e-mail message, or on some other website.
… XSS can cause a variety of problems for the end user that range in severity from an annoyance to complete account compromise.”
As of this time the vulnerability has not been assigned a severity rating.
This is the official description of the vulnerability by the U.S. Federal Government National Vulnerability Database:
“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin prior to 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters prior to outputting them back in attributes, leading to Reflected Cross-Site Scripting.”
What that means is that the vulnerability involves a failure to “escape some URLs,” which means to encode them in special characters (called ASCII).
Escaping URLs means encoding URLs in an expected format. So if a URL with a blank space is encountered, a site may encode that URL using the ASCII characters “%20” to represent the encoded blank space.
It’s this failure to properly encode URLs which allows an attacker to input something else, presumably a malicious script, although it could be something else like a redirection to a malicious site.
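The following sketch is an added illustration of the pattern the NVD description names (a request value written back into an HTML attribute) next to a hardened form; it is not code from the Booster plugin. The function names, the `tab` parameter, the paths and the sample inputs are hypothetical and constructed for the example, which goes one step beyond the text by showing attribute escaping and a scheme check in addition to percent-encoding.

```php
<?php
// Added illustration, not the plugin's code. All names are hypothetical.

// Vulnerable pattern: the request value lands inside href="..." as-is,
// so a double quote in the value ends the attribute early.
function render_link_unsafe(string $tab): string {
    return '<a href="/settings?tab=' . $tab . '">Back</a>';
}

// Hardened: percent-encode the value for its place in the URL, then
// HTML-escape the finished URL for the attribute it is written into.
// (WordPress ships esc_url() and esc_attr() for this purpose.)
function render_link_safe(string $tab): string {
    $url = '/settings?tab=' . rawurlencode($tab);
    return '<a href="'
        . htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '">Back</a>';
}

// When the whole URL comes from the request, escaping is not enough:
// accept only http(s) URLs or site-relative paths, otherwise fall back.
function safe_href(string $url, string $fallback = '/'): string {
    $ok = preg_match('#^https?://#i', $url) === 1
       || preg_match('#^/(?![/\\\\])#', $url) === 1;
    return htmlspecialchars($ok ? $url : $fallback,
        ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs (not taken from any advisory).
$tab  = 'general" onmouseover="alert(1)';
$urls = ['https://example.com/a b', 'javascript:alert(1)', '/cart?x="1"'];

echo render_link_unsafe($tab), PHP_EOL; // attribute boundary is broken
echo render_link_safe($tab), PHP_EOL;   // value stays inside href="..."
foreach ($urls as $u) {
    echo '<a href="', safe_href($u), '">link</a>', PHP_EOL;
}
```

A quick review check for this class of bug is to search templates for request values concatenated into attributes without an escaping call at the point of output.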
Changelog Records Vulnerabilities
The plugin’s official log of software updates (called a Changelog) makes reference to a Cross-Site Request Forgery vulnerability.
The free Booster for WooCommerce plugin changelog contains the following notation for version 6.0.1:
“FIXED – EMAILS & MISC. – General – Fixed CSRF issue for Booster User Roles Changer.
FIXED – Added Security vulnerability fixes.”
Users of the plugin should consider updating to the very latest version of the plugin.
Read the advisory at the U.S. Federal Government National Vulnerability Database
Read a summary of the vulnerability at the WPScan website
Booster for WooCommerce – Reflected Cross-Site Scripting