Vulnerabilities Discovered in Five WooCommerce WordPress Plugins


The U.S. government National Vulnerability Database (NVD) published warnings of vulnerabilities in five WooCommerce WordPress plugins affecting over 135,000 installations.

Most of the vulnerabilities vary in severity, to as high as Critical, rated 9.8 on a scale of 1-10.

Each vulnerability was assigned a CVE identification number (Common Vulnerabilities and Exposures), the identifier given to discovered vulnerabilities.

1. Advanced Order Export For WooCommerce

The Advanced Order Export for WooCommerce plugin, installed in over 100,000 websites, is vulnerable to a Cross-Site Request Forgery (CSRF) attack.

A Cross-Site Request Forgery (CSRF) vulnerability arises from a flaw in a website plugin that allows an attacker to trick a website user into performing an unintended action.

Website browsers typically contain cookies that tell a website that a user is registered and logged in. An attacker can assume the privilege levels of an admin. This gives the attacker full access to a website, exposes sensitive customer information, and so on.

This specific vulnerability can lead to an export file download. The vulnerability description doesn’t describe what file may be downloaded by an attacker.

Given that the plugin’s purpose is to export WooCommerce order data, it may be reasonable to assume that order data is the kind of file an attacker can access.

The official vulnerability description:

“Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.”

The vulnerability affects all versions of the Advanced Order Export for WooCommerce plugin that are less than or equal to version 3.3.2.

The official changelog for the plugin notes that the vulnerability was patched in version 3.3.3.

Read more on the National Vulnerability Database (NVD): CVE-2022-40128

2. Advanced Dynamic Pricing for WooCommerce

The second affected plugin is the Advanced Dynamic Pricing plugin for WooCommerce, which is installed in over 20,000 websites.

This plugin was found to have two Cross-Site Request Forgery (CSRF) vulnerabilities that affect all plugin versions less than 4.1.6.

The purpose of the plugin is to make it easy for merchants to create discount and pricing rules.

The first vulnerability (CVE-2022-43488) can lead to a “rule type migration.”

That’s somewhat vague. Perhaps an assumption can be made that the vulnerability may have something to do with the ability to change the pricing rules.

The official description provided on the NVD:

“Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration.”

Read more on the NVD: CVE-2022-43488

The NVD assigned the second CSRF vulnerability in the Advanced Dynamic Pricing for WooCommerce plugin a CVE number, CVE-2022-43491.

The official NVD description of the vulnerability is:

“Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import.”

The official plugin changelog notes:

“Changelog – 4.1.6 – 2022-10-26

Fixed some CSRF and broken access control vulnerabilities”

Read the official NVD announcement: CVE-2022-43491

3. Advanced Coupons for WooCommerce Coupons plugin

The third affected plugin, Advanced Coupons for WooCommerce Coupons, has over 10,000 installs.

The problem discovered in this plugin is also a CSRF vulnerability and affects all versions less than 4.5.01.

The plugin changelog calls the patch a bug fix:

“4.5.0.1

Bug Fix: The getting started notice dismiss AJAX request has no nonce value.”

The official NVD description is:

“Cross-Site Request Forgery (CSRF) vulnerability in Advanced Coupons for WooCommerce Coupons plugin <= 4.5 on WordPress leading to notice dismissal.”

Read more on the NVD: CVE-2022-43481
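The changelog entry above points at the usual root cause of a WordPress CSRF bug: an admin-AJAX handler that acts on any request carrying the logged-in cookie, with no nonce check. The following is an added illustration, not code from any of the plugins named here; the hook, option and capability names are hypothetical, and it shows the unprotected handler beside the hardened one.

```php
<?php
// Added example (not a plugin's own code): a "dismiss getting-started notice"
// admin-AJAX handler before and after CSRF hardening. Names are hypothetical.

// BEFORE: any request reaching admin-ajax.php with action=acme_dismiss_notice is
// honoured. The browser attaches the WordPress auth cookies automatically, so a
// logged-in admin who loads an attacker-controlled page can be made to send it.
function acme_dismiss_notice_unsafe() {
    update_option( 'acme_getting_started_dismissed', 1 );
    wp_send_json_success();
}

// AFTER: bind the request to a per-user, time-limited nonce and check capability.
function acme_dismiss_notice_safe() {
    // check_ajax_referer() verifies the 'nonce' request field against the action
    // 'acme_dismiss_notice' and terminates the request (HTTP 403) on failure.
    check_ajax_referer( 'acme_dismiss_notice', 'nonce' );

    // A nonce proves intent, not authority: still verify the caller's capability.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    update_option( 'acme_getting_started_dismissed', 1 );
    wp_send_json_success();
}
add_action( 'wp_ajax_acme_dismiss_notice', 'acme_dismiss_notice_safe' );

// Hand the nonce to the admin page's script so legitimate requests can include it
// as the 'nonce' field of the AJAX POST body.
function acme_enqueue_notice_script() {
    wp_enqueue_script( 'acme-notice', plugins_url( 'notice.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'acme-notice', 'acmeNotice', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'acme_dismiss_notice' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'acme_enqueue_notice_script' );
```

The same pattern (nonce plus capability check) is what the other CSRF fixes in this article amount to; a nonce alone is not an authorization check, which is why the capability test is kept even after the nonce passes.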

4. WooCommerce Dropshipping by OPMC – Critical

The fourth affected software is the WooCommerce Dropshipping by OPMC plugin, which has over 3,000 installations.

Versions of this plugin less than version 4.4 contain an Unauthenticated SQL injection vulnerability rated 9.8 (on a scale of 1-10) and labeled as Critical.

In general, a SQL injection vulnerability allows an attacker to manipulate the WordPress database and assume admin-level permissions, make changes to the database, erase the database, and even download sensitive data.

The NVD describes this specific plugin vulnerability:

“The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection.”

Read more on the NVD: CVE-2022-3481

Read the official plugin changelog.
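The NVD wording above names the two defects together: a REST endpoint open to unauthenticated callers, and a parameter used in SQL without escaping. This added example (not the OPMC plugin's code; the route, table and column names are hypothetical) shows a REST route that closes both gaps, with the unsafe query pattern left as a comment beside the prepared one.

```php
<?php
// Added example (not the plugin's own code): a REST route that returns one order
// row. Namespace, table and column names are hypothetical.
add_action( 'rest_api_init', function () {
    register_rest_route( 'acme/v1', '/orders/(?P<id>\d+)', array(
        'methods'  => 'GET',
        'callback' => 'acme_get_order',
        // Do not use '__return_true' on an endpoint that reads or changes data:
        // require a capability so unauthenticated callers are rejected up front.
        'permission_callback' => function () {
            return current_user_can( 'manage_woocommerce' );
        },
        'args' => array(
            'id' => array(
                'required'          => true,
                'validate_callback' => function ( $value ) { return is_numeric( $value ); },
                'sanitize_callback' => 'absint',
            ),
        ),
    ) );
} );

function acme_get_order( WP_REST_Request $request ) {
    global $wpdb;
    $id = $request->get_param( 'id' );

    // UNSAFE pattern: the parameter is interpolated into the SQL text, so a
    // crafted value can change the statement's meaning.
    // $row = $wpdb->get_row( "SELECT * FROM {$wpdb->prefix}acme_orders WHERE id = $id" );

    // SAFE: $wpdb->prepare() binds the value through an integer placeholder.
    $row = $wpdb->get_row( $wpdb->prepare(
        "SELECT id, status, total FROM {$wpdb->prefix}acme_orders WHERE id = %d",
        $id
    ) );

    if ( ! $row ) {
        return new WP_Error( 'acme_not_found', 'Order not found', array( 'status' => 404 ) );
    }
    return rest_ensure_response( $row );
}
```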

5. Role Based Pricing for WooCommerce

The Role Based Pricing for WooCommerce plugin has two Cross-Site Request Forgery (CSRF) vulnerabilities. There are 2,000 installations of this plugin.

As mentioned about another plugin, a CSRF vulnerability typically involves an attacker tricking an admin or other user into clicking a link or performing some other action. That can result in the attacker gaining the user’s website permission levels.

This vulnerability is rated 8.8 High.

The NVD description of the first vulnerability warns:

“The Role Based Pricing for WooCommerce WordPress plugin before 1.6.2 does not have authorisation and proper CSRF checks, and does not validate files to be uploaded, allowing any authenticated users like subscriber to upload arbitrary files, such as PHP”

The following is the official NVD description of the second vulnerability:

“The Role Based Pricing for WooCommerce WordPress plugin before 1.6.3 does not have authorisation and proper CSRF checks, as well as does not validate path given via user input, allowing any authenticated users like subscriber to perform PHAR deserialization attacks when they can upload a file, and a suitable gadget chain is present on the blog”

The official Role Based Pricing for WooCommerce WordPress plugin changelog advises that the plugin is fully patched in version 1.6.2:

“Changelog 2022-10-01 – version 1.6.2

* Fixed the Arbitrary File Upload Vulnerability.

* Fixed the issue of ajax nonce check.”

Read the official NVD documentation:

CVE-2022-3537

CVE-2022-3536

Course of Action

It’s considered a good practice to update all vulnerable plugins. It’s also a best practice to back up the site before making any plugin updates and (if possible) to stage the site and test the plugin before updating.


Featured image by Shutterstock/Master1305


