Vulnerabilities Discovered in Five WooCommerce WordPress Plugins
Vulnerabilities found in five WooCommerce WordPress plugins with more than 135,000 installations
- Vulnerabilities patched in five WooCommerce plugins
- Vulnerabilities rated as high as 9.8/10 Critical
- SQL injection vulnerability rated Critical 9.8/10
The U.S. government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting more than 135,000 installations.
Several of the vulnerabilities range in severity up to Critical and are rated 9.8 on a scale of 1-10.
Each vulnerability was assigned a CVE identifier (Common Vulnerabilities and Exposures), the number given to discovered flaws.
1. Advanced Order Export For WooCommerce
The Advanced Order Export for WooCommerce plugin, installed on more than 100,000 sites, is vulnerable to a Cross-Site Request Forgery (CSRF) attack.
A Cross-Site Request Forgery (CSRF) vulnerability arises from a flaw in a website plugin that allows an attacker to trick a site user into performing an unintended action.
Web browsers typically hold cookies that tell a site that a user is registered and logged in. By riding on that logged-in session, an attacker can assume the privilege levels of an admin. This gives the attacker full access to a site, exposes sensitive customer information, and so on.
This particular vulnerability can lead to an export file download. The vulnerability description does not state which file an attacker can download.
Given that the plugin's purpose is to export WooCommerce order data, it is reasonable to assume that order data is the kind of file an attacker can access.
The official vulnerability description:
"Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download."
The vulnerability affects all versions of the Advanced Order Export for WooCommerce plugin that are less than or equal to version 3.3.2.
The official changelog for the plugin notes that the vulnerability was patched in version 3.3.3.
2. Advanced Dynamic Pricing for WooCommerce
The second affected plugin is the Advanced Dynamic Pricing plugin for WooCommerce, which has been installed on over 20,000 sites.
This plugin was found to have two Cross-Site Request Forgery (CSRF) vulnerabilities that affect all plugin versions below 4.1.6.
The purpose of the plugin is to make it easy for merchants to create discount and pricing rules.
The first vulnerability (CVE-2022-43488) can lead to a "rule type migration."
That is somewhat vague. An assumption can be made that the vulnerability may have something to do with the ability to change the pricing rules.
The official description given at the NVD:
"Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration."
The NVD assigned the second CSRF vulnerability in the Advanced Dynamic Pricing for WooCommerce plugin the CVE number CVE-2022-43491.
The official NVD description of the vulnerability is:
"Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import."
The official plugin changelog notes:
"Changelog – 4.1.6 – 2022-10-26
Fixed some CSRF and broken access control vulnerabilities."
3. Advanced Coupons for WooCommerce Coupons plugin
The third affected plugin, Advanced Coupons for WooCommerce Coupons, has more than 10,000 installs.
The issue found in this plugin is also a CSRF vulnerability and affects all versions below 4.5.01.
The plugin changelog calls the fix a bug fix.
"4.5.0.1
Bug Fix: The getting started notice dismiss AJAX request has no nonce value."
The official NVD description is:
"Cross-Site Request Forgery (CSRF) vulnerability in Advanced Coupons for WooCommerce Coupons plugin <= 4.5 on WordPress leading to notice dismissal."
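The changelog above pins the root cause to an AJAX request with no nonce. The following is an added example written for this article, not code from any of the plugins discussed: a WordPress admin-ajax handler that dismisses a notice, first with no request check, then hardened with a nonce and a capability check. The hook names, option key and script handle are assumptions for illustration.

```php
<?php
// Added example (not any plugin's code). Illustrates the CSRF pattern the
// changelog describes: an admin-ajax handler with no nonce, then the fix.
// Hook names, option key and script handle are assumptions for illustration.

// Vulnerable pattern: any request that reaches admin-ajax.php while an admin
// is logged in, including one triggered by a forged form on another site,
// flips the option, because nothing ties the request to this site or user.
function acfw_example_dismiss_notice_unsafe() {
    update_option( 'acfw_example_notice_dismissed', 1 );
    wp_send_json_success();
}
add_action( 'wp_ajax_acfw_example_dismiss_unsafe', 'acfw_example_dismiss_notice_unsafe' );

// Hardened pattern: the nonce proves the request originated from a page this
// site rendered for this user, and the capability check enforces authorization
// separately (a nonce is an anti-CSRF token, not a permission check).
function acfw_example_dismiss_notice_safe() {
    check_ajax_referer( 'acfw_example_dismiss_nonce', 'nonce' ); // dies with 403 on failure
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    update_option( 'acfw_example_notice_dismissed', 1 );
    wp_send_json_success();
}
add_action( 'wp_ajax_acfw_example_dismiss_safe', 'acfw_example_dismiss_notice_safe' );

// The admin page that renders the notice must mint the nonce the handler
// expects and hand it to the script that sends the AJAX request.
function acfw_example_enqueue_nonce() {
    wp_enqueue_script( 'acfw-example', plugins_url( 'notice.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'acfw-example', 'acfwExample', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'acfw_example_dismiss_nonce' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'acfw_example_enqueue_nonce' );
```

The script referenced by `notice.js` posts `action=acfw_example_dismiss_safe` together with the `nonce` value from `acfwExample`; a request without that value is rejected before the option is touched.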
4. WooCommerce Dropshipping by OPMC - Critical
The fourth affected software is the WooCommerce Dropshipping by OPMC plugin, which has more than 3,000 installations.
Versions of this plugin lower than version 4.4 contain an Unauthenticated SQL injection vulnerability rated 9.8 (on a scale of 1-10) and labeled Critical.
In general, a SQL injection vulnerability allows an attacker to manipulate the WordPress database and assume admin-level permissions, make changes to the database, delete the database, or even download sensitive data.
The NVD describes this particular plugin's vulnerability:
"The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection."
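The NVD text names two separate defects: a REST endpoint open to unauthenticated callers, and a parameter placed in SQL without escaping. The following is an added example written for this article, not the OPMC plugin's code: a REST route that looks up orders by supplier, first with both defects, then with a permission_callback, argument validation and `$wpdb->prepare()`. The route names, table name, parameter and capability are assumptions for illustration.

```php
<?php
// Added example (not the OPMC plugin's code). Route names, table and
// parameter are assumptions for illustration.
function dropship_example_register_routes() {
    // Vulnerable pattern: '__return_true' makes the route callable by anyone,
    // and the raw query-string value is concatenated into the SQL text.
    register_rest_route( 'dropship-example/v1', '/orders-unsafe', array(
        'methods'             => 'GET',
        'permission_callback' => '__return_true',
        'callback'            => function ( WP_REST_Request $req ) {
            global $wpdb;
            $supplier = $req->get_param( 'supplier' );
            $sql = "SELECT order_id FROM {$wpdb->prefix}dropship_orders WHERE supplier = '$supplier'";
            return rest_ensure_response( $wpdb->get_col( $sql ) );
        },
    ) );

    // Hardened pattern: the route requires the manage_woocommerce capability,
    // the argument is sanitised and validated as a positive integer before the
    // callback runs, and the value is bound with a %d placeholder so it can
    // never change the shape of the statement.
    register_rest_route( 'dropship-example/v1', '/orders', array(
        'methods'             => 'GET',
        'permission_callback' => function () {
            return current_user_can( 'manage_woocommerce' );
        },
        'args'                => array(
            'supplier' => array(
                'required'          => true,
                'type'              => 'integer',
                'sanitize_callback' => 'absint',
                'validate_callback' => function ( $value ) {
                    return is_numeric( $value ) && (int) $value > 0;
                },
            ),
        ),
        'callback'            => function ( WP_REST_Request $req ) {
            global $wpdb;
            $sql = $wpdb->prepare(
                "SELECT order_id FROM {$wpdb->prefix}dropship_orders WHERE supplier = %d",
                $req->get_param( 'supplier' )
            );
            return rest_ensure_response( $wpdb->get_col( $sql ) );
        },
    ) );
}
add_action( 'rest_api_init', 'dropship_example_register_routes' );
```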
5. Role-Based Pricing for WooCommerce
The Role Based Pricing for WooCommerce plugin has two Cross-Site Request Forgery (CSRF) vulnerabilities. There are 2,000 installations of this plugin.
As mentioned for another plugin, a CSRF vulnerability often involves an attacker tricking an admin or other user into clicking a link or performing another action. That can result in the attacker acquiring the user's site permission levels.
This vulnerability is rated 8.8 High.
The NVD description of the first vulnerability warns:
"The Role Based Pricing for WooCommerce WordPress plugin before 1.6.2 does not have authorisation and proper CSRF checks, and does not validate files to be uploaded, allowing any authenticated users like subscriber to upload arbitrary files, such as PHP."
The following is the official NVD description of the second vulnerability:
"The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, and a suitable gadget chain is present on the blog."
The official Role Based Pricing for WooCommerce WordPress plugin changelog advises that the plugin is fully patched in version 1.6.2:
"Changelog 2022-10-01 – version 1.6.2
* Fixed the Arbitrary File Upload Vulnerability.
* Fixed the issue of ajax nonce check."