The popular WooCommerce Booster plugin patched a Reflected Cross-Site Scripting vulnerability affecting up to 70,000+ websites that use the plugin.
Booster for WooCommerce Vulnerability
Booster for WooCommerce is a popular all-in-one WordPress plugin that offers over 100 functions for customizing WooCommerce stores.
The modular package offers the most essential functionality needed to run an ecommerce store, such as custom payment gateways, shopping cart customization, and customized price labels and buttons.
Reflected Cross-Site Scripting (XSS)
A reflected cross-site scripting vulnerability on WordPress typically happens when an input expects something specific (like an image upload or text) but allows other inputs, including malicious scripts.
An attacker can then execute scripts in a site visitor’s browser.
If the user is an admin, the attacker could potentially steal the admin credentials and take over the site.
The non-profit Open Web Application Security Project (OWASP) describes this type of vulnerability:
“Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search engine result, or any other response that includes some or all of the input sent out to the server as part of the request.
Reflected attacks are provided to victims via another route, such as in an e-mail message, or on some other site.
… XSS can cause a variety of issues for the end user that range in severity from an annoyance to complete account compromise.”
As of this time the vulnerability has not been assigned a severity rating.
This is the official description of the vulnerability by the U.S. Government National Vulnerability Database:
“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin prior to 6.0.0, Booster Elite for WooCommerce WordPress plugin prior to 6.0.0 do not escape some URLs and parameters prior to outputting them back in attributes, causing Reflected Cross-Site Scripting.”
What that means is that the vulnerability involves a failure to “escape some URLs,” which means to encode them in special characters (called ASCII).
Escaping URLs means encoding URLs in an expected format. So if a URL with a blank space is encountered, a site may encode that URL using the ASCII characters “%20” to represent the encoded blank space.
It’s this failure to properly encode URLs that allows an attacker to input something else, most likely a malicious script, although it could be something else like a redirection to a malicious site.
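An added example (not code from the Booster plugin, whose source is not shown on this page) of the failure the NVD description names: a request value written back into an HTML attribute without escaping, next to the escaped forms. It uses plain PHP functions only; the sample value, the parameter name `q` and the path `/shop/` are constructed for illustration.

```php
<?php
// Added example: constructed values, plain PHP only (no WordPress loaded).

// Constructed request value: the quote character ends the attribute early,
// so the rest is parsed by the browser as a new attribute.
$requested = 'shop page" onmouseover="alert(1)';

// Unescaped: the value is copied straight into an HTML attribute.
function render_unescaped(string $value): string
{
    return '<input type="text" name="q" value="' . $value . '">';
}

// Escaped for an HTML attribute context: quotes, <, > and & become entities,
// so the value can no longer break out of the attribute.
function render_attr_escaped(string $value): string
{
    $safe = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="q" value="' . $safe . '">';
}

// Value used inside a URL that is itself placed in an href attribute:
// percent-encode the value first (a space becomes %20), then
// attribute-escape the finished URL.
function render_link(string $value): string
{
    $url = '/shop/?q=' . rawurlencode($value);
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">Search again</a>';
}

echo render_unescaped($requested), PHP_EOL;
echo render_attr_escaped($requested), PHP_EOL;
echo render_link($requested), PHP_EOL;
```

In WordPress code the corresponding helpers are `esc_attr()` for attribute values and `esc_url()` for URLs written into markup.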
Changelog Records Vulnerabilities
The plugin’s official log of software updates (called a Changelog) makes reference to a Cross-Site Request Forgery vulnerability.
The free Booster for WooCommerce plugin changelog contains the following notation for version 6.0.1:
“REPAIRED – EMAILS & MISC. – General – Repaired CSRF concern for Booster User Roles Changer.
REPAIRED – Included Security vulnerability repairs.”
Users of the plugin should consider updating to the very latest version of the plugin.
Read the advisory at the U.S. Federal Government National Vulnerability Database
Read a summary of the vulnerability at the WPScan site
Booster for WooCommerce – Reflected Cross-Site Scripting
Featured image by Best SMM Panel/Asier Romero