
Privilege Escalation Bug in WooCommerce Plugin Puts Millions of Sites at Risk

Critical stored XSS in WooCommerce plugin leads to full account takeover
Researchers from RIPS Tech have demonstrated another critical bug in the popular WordPress plugin WooCommerce, which allows a user's role to be escalated to site Administrator.

WooCommerce is an eCommerce plugin for WordPress with over 4 million active installations.

When WooCommerce is installed, the user role Shop Manager is added by default. The bug lies in how the plugin handles the Editor role: a malicious Shop Manager can change a Customer-role user to the Editor role and then inject malicious JavaScript code into the index page of the target WordPress site.
Evil Shop Managers can simply update a random Customer account, set that user's role to Editor, update the password and log into the account, which now has Editor privileges. This means they can circumvent the HTML restriction and inject arbitrary JavaScript code into the front page.
Now, whenever the site administrator visits the site's index page, the stored JavaScript code (inserted by the malicious user on the front page of the site) executes and escalates the malicious user's role to site Administrator.
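One defence-in-depth mitigation for the role-change step described above, as an added example that is not WooCommerce's own fix (the real fix is to update to 3.4.6): a WordPress mu-plugin that limits which roles a Shop Manager may assign and which accounts they may edit. The role slugs 'shop_manager' and 'customer' and the `ck_` function names are assumptions.

```php
<?php
/**
 * Plugin Name: Restrict Shop Manager user edits (example hardening)
 * Added example, not WooCommerce's own fix. Assumes the default role slugs
 * 'shop_manager' and 'customer'. Drop into wp-content/mu-plugins/.
 */

/**
 * Keep a Shop Manager from assigning any role other than 'customer'.
 * WordPress checks get_editable_roles() inside edit_user() before it
 * applies a role change, so this closes the Customer -> Editor step.
 */
function ck_restrict_shop_manager_editable_roles( $all_roles ) {
    $actor = wp_get_current_user();
    if ( ! in_array( 'shop_manager', (array) $actor->roles, true ) ) {
        return $all_roles; // Administrators and others keep the full list.
    }
    return array_intersect_key( $all_roles, array( 'customer' => true ) );
}
add_filter( 'editable_roles', 'ck_restrict_shop_manager_editable_roles' );

/**
 * Defence in depth: a Shop Manager may only edit accounts whose sole role
 * is 'customer' (plus their own profile), so an already-escalated account
 * cannot be taken over by resetting its password.
 */
function ck_limit_shop_manager_edit_targets( $caps, $cap, $user_id, $args ) {
    if ( 'edit_user' !== $cap || empty( $args[0] ) || (int) $args[0] === (int) $user_id ) {
        return $caps;
    }
    $actor = get_userdata( $user_id );
    if ( ! $actor || ! in_array( 'shop_manager', (array) $actor->roles, true ) ) {
        return $caps;
    }
    $target = get_userdata( (int) $args[0] );
    if ( ! $target || array_values( (array) $target->roles ) !== array( 'customer' ) ) {
        $caps[] = 'do_not_allow'; // Denies the edit regardless of other caps.
    }
    return $caps;
}
add_filter( 'map_meta_cap', 'ck_limit_shop_manager_edit_targets', 10, 4 );
```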

As a proof of concept, the researchers have also published a video demonstration of the bug.

(Note: the video has been uploaded by us on behalf of RIPS Tech)
This bug has been reported to the developer, and a fix has been released in version 3.4.6 of the WooCommerce plugin. We recommend that all WooCommerce users update the plugin to fix the issue and stay safe.
