The Popular WooCommerce Booster plugin covered a Shown Cross-Site Scripting vulnerability, affecting up to 70,000+ sites utilizing the plugin.
Booster for WooCommerce Vulnerability
Booster for WooCommerce is a popular all-in-one WordPress plugin that offers over 100 functions for tailoring WooCommerce shops.
The modular package provides all of the most important performances essential to run an ecommerce store such as a customized payment entrances, shopping cart modification, and personalized rate labels and buttons.
Shown Cross Website Scripting (XSS)
A showed cross-site scripting vulnerability on WordPress normally occurs when an input anticipates something specific (like an image upload or text) but permits other inputs, including destructive scripts.
An opponent can then carry out scripts on a website visitor’s web browser.
If the user is an admin then there can be a potential for the attacker taking the admin credentials and taking control of the website.
The non-profit Open Web Application Security Project (OWASP) describes this kind of vulnerability:
“Shown attacks are those where the injected script is shown off the web server, such as in an error message, search result, or any other response that consists of some or all of the input sent to the server as part of the demand.
Reflected attacks are delivered to victims through another path, such as in an e-mail message, or on some other site.
… XSS can trigger a range of problems for completion user that vary in seriousness from an annoyance to complete account compromise.”
Since this time the vulnerability has not been designated a seriousness score.
This is the main description of the vulnerability by the U.S. Federal Government National Vulnerability Database:
“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin prior to 6.0.0, Booster Elite for WooCommerce WordPress plugin prior to 6.0.0 do not get away some URLs and parameters prior to outputting them back in characteristics, resulting in Reflected Cross-Site Scripting.”
What that implies is that the vulnerability includes a failure to “escape some URLs,” which suggests to encode them in special characters (called ASCII).
Escaping URLs suggests encoding URLs in an anticipated format. So if a URL with a blank area is encountered a website may encoded that URL using the ASCII characters “%20” to represent the encoded blank area.
It’s this failure to effectively encode URLs which permits an attacker to input something else, most likely a destructive script although it might be something else like a redirection to harmful site.
Changelog Records Vulnerabilities
The plugins main log of software application updates (called a Changelog) makes reference to a Cross Website Demand Forgery vulnerability.
The free Booster for WooCommerce plugin changelog contains the following notation for variation 6.0.1:
“FIXED– EMAILS & MISC.– General– Fixed CSRF problem for Booster User Roles Changer.
REPAIRED– Added Security vulnerability fixes.”
Users of the plugin ought to consider upgrading to the very newest variation of the plugin.
Check out the advisory at the U.S. Federal Government National Vulnerability Database
Check out a summary of the vulnerability at the WPScan website
Booster for WooCommerce– Shown Cross-Site Scripting
Included image by Best SMM Panel/Asier Romero