The Popular WooCommerce Booster plugin covered a Shown Cross-Site Scripting vulnerability, impacting up to 70,000+ sites utilizing the plugin.
Booster for WooCommerce Vulnerability
Booster for WooCommerce is a popular all-in-one WordPress plugin that uses over 100 functions for personalizing WooCommerce stores.
The modular package offers all of the most essential functionalities necessary to run an ecommerce shop such as a customized payment entrances, shopping cart personalization, and customized cost labels and buttons.
Reflected Cross Site Scripting (XSS)
A showed cross-site scripting vulnerability on WordPress generally happens when an input anticipates something particular (like an image upload or text) however permits other inputs, including malicious scripts.
An enemy can then execute scripts on a site visitor’s web browser.
If the user is an admin then there can be a potential for the aggressor taking the admin qualifications and taking control of the website.
The non-profit Open Web Application Security Job (OWASP) explains this kind of vulnerability:
“Shown attacks are those where the injected script is shown off the web server, such as in an error message, search result, or any other response that consists of some or all of the input sent out to the server as part of the demand.
Reflected attacks are delivered to victims by means of another path, such as in an e-mail message, or on some other site.
… XSS can trigger a range of problems for the end user that range in severity from an annoyance to complete account compromise.”
Since this time the vulnerability has actually not been designated a seriousness ranking.
This is the main description of the vulnerability by the U.S. Federal Government National Vulnerability Database:
“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters prior to outputting them back in characteristics, causing Reflected Cross-Site Scripting.”
What that indicates is that the vulnerability includes a failure to “leave some URLs,” which suggests to encode them in special characters (called ASCII).
Getting away URLs indicates encoding URLs in an anticipated format. So if a URL with a blank space is come across a website may encoded that URL using the ASCII characters “%20” to represent the encoded blank space.
It’s this failure to properly encode URLs which enables an opponent to input something else, probably a malicious script although it might be something else like a redirection to harmful site.
Changelog Records Vulnerabilities
The plugins main log of software application updates (called a Changelog) refers to a Cross Site Request Forgery vulnerability.
The totally free Booster for WooCommerce plugin changelog includes the following notation for version 6.0.1:
“REPAIRED– EMAILS & MISC.– General– Repaired CSRF concern for Booster User Roles Changer.
REPAIRED– Added Security vulnerability repairs.”
Users of the plugin must consider updating to the very newest variation of the plugin.
Check out the advisory at the U.S. Federal Government National Vulnerability Database
Read a summary of the vulnerability at the WPScan site
Booster for WooCommerce– Reflected Cross-Site Scripting
Included image by Best SMM Panel/Asier Romero