The Popular WooCommerce Booster plugin patched a Shown Cross-Site Scripting vulnerability, impacting up to 70,000+ sites utilizing the plugin.
Booster for WooCommerce Vulnerability
Booster for WooCommerce is a popular all-in-one WordPress plugin that uses over 100 functions for tailoring WooCommerce shops.
The modular package offers all of the most vital performances needed to run an ecommerce store such as a custom-made payment entrances, shopping cart modification, and personalized rate labels and buttons.
Reflected Cross Site Scripting (XSS)
A showed cross-site scripting vulnerability on WordPress normally takes place when an input expects something specific (like an image upload or text) but permits other inputs, including harmful scripts.
An opponent can then perform scripts on a site visitor’s browser.
If the user is an admin then there can be a capacity for the enemy taking the admin qualifications and taking over the website.
The non-profit Open Web Application Security Project (OWASP) explains this kind of vulnerability:
“Shown attacks are those where the injected script is reflected off the web server, such as in a mistake message, search engine result, or any other action that consists of some or all of the input sent to the server as part of the demand.
Shown attacks are delivered to victims via another path, such as in an e-mail message, or on some other site.
… XSS can cause a variety of problems for the end user that vary in severity from an inconvenience to complete account compromise.”
As of this time the vulnerability has actually not been appointed a seriousness rating.
This is the main description of the vulnerability by the U.S. Federal Government National Vulnerability Database:
“The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin prior to 6.0.0, Booster Elite for WooCommerce WordPress plugin prior to 6.0.0 do not leave some URLs and parameters before outputting them back in qualities, resulting in Reflected Cross-Site Scripting.”
What that implies is that the vulnerability involves a failure to “get away some URLs,” which suggests to encode them in unique characters (called ASCII).
Escaping URLs implies encoding URLs in an anticipated format. So if a URL with a blank space is encountered a site might encoded that URL utilizing the ASCII characters “%20” to represent the encoded blank space.
It’s this failure to appropriately encode URLs which permits an enemy to input something else, probably a destructive script although it might be something else like a redirection to harmful website.
Changelog Records Vulnerabilities
The plugins main log of software application updates (called a Changelog) refers to a Cross Website Request Forgery vulnerability.
The totally free Booster for WooCommerce plugin changelog consists of the following notation for variation 6.0.1:
“REPAIRED– EMAILS & MISC.– General– Repaired CSRF problem for Booster User Roles Changer.
REPAIRED– Added Security vulnerability repairs.”
Users of the plugin ought to consider upgrading to the really newest version of the plugin.
Read the advisory at the U.S. Federal Government National Vulnerability Database
Read a summary of the vulnerability at the WPScan site
Booster for WooCommerce– Shown Cross-Site Scripting
Included image by SMM Panel/Asier Romero