The popular WooCommerce Booster plugin patched a Reflected Cross-Site Scripting vulnerability, impacting approximately 70,000+ sites using the plugin.
Booster for WooCommerce Vulnerability
Booster for WooCommerce is a popular all-in-one WordPress plugin that provides over 100 functions for customizing WooCommerce stores.
The modular package offers all of the most essential functionality required to run an ecommerce store, such as custom payment gateways, shopping cart customization, and customized price labels and buttons.
Reflected Cross-Site Scripting (XSS)
A reflected cross-site scripting vulnerability on WordPress typically occurs when an input expects something specific (like an image upload or text) but allows other inputs, including malicious scripts.
An attacker can then execute scripts in a site visitor’s browser.
If the user is an admin, there is potential for the attacker to steal the admin credentials and take over the website.
The non-profit Open Web Application Security Project (OWASP) describes this kind of vulnerability:
“Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request.
Reflected attacks are delivered to victims through another route, such as in an e-mail message, or on some other site.
… XSS can cause a range of problems for the end user that range in severity from an annoyance to complete account compromise.”
As of this time the vulnerability has not been assigned a severity score.
This is the official description of the vulnerability by the U.S. Federal Government National Vulnerability Database:
“The Booster for WooCommerce WordPress plugin prior to 5.6.3, Booster Plus for WooCommerce WordPress plugin prior to 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, causing Reflected Cross-Site Scripting.”
What that means is that the vulnerability involves a failure to “escape some URLs,” which means to encode them using special characters (called ASCII).
Escaping URLs means encoding URLs in an expected format. So if a URL with a blank space is encountered, a website may encode that URL using the ASCII characters “%20” to represent the encoded blank space.
It’s this failure to properly encode URLs that allows an attacker to input something else, most likely a malicious script, although it could be something else like a redirection to a malicious site.
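The difference between leaving a value unescaped and escaping it for its place in a URL and in an HTML attribute, as an added PHP example that is not code from the plugin or the advisory. The function names, the `/shop/?tab=` URL and the sample values are constructed for illustration.

```php
<?php
// Added illustration: function names and request values below are constructed.

// Vulnerable pattern: a request parameter is placed in an attribute unescaped.
function render_link_unescaped(string $tab): string
{
    return '<a href="/shop/?tab=' . $tab . '">Next</a>';
}

// Hardened pattern: percent-encode the value for its place in the URL, then
// HTML-escape the finished URL for its place inside the quoted attribute.
// (WordPress provides esc_url() and esc_attr() for this kind of output escaping.)
function render_link_escaped(string $tab): string
{
    $url = '/shop/?tab=' . rawurlencode($tab);
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">Next</a>';
}

// List the attributes an HTML parser finds on the first <a> element.
function attribute_names(string $html): array
{
    libxml_use_internal_errors(true);   // keep parser warnings off the output
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    $names = [];
    foreach ($doc->getElementsByTagName('a')->item(0)->attributes as $attr) {
        $names[] = $attr->name;
    }
    return $names;
}

$samples = [
    'my tab',                     // benign value containing a space
    'x" onmouseover="alert(1)',   // value that closes the attribute early
];

foreach ($samples as $tab) {
    foreach (['render_link_unescaped', 'render_link_escaped'] as $render) {
        $html = $render($tab);
        printf("%-22s %s\n  attributes: %s\n", $render, $html,
            implode(', ', attribute_names($html)));
    }
}
```

For the second sample the unescaped link gains an extra `onmouseover` attribute, while the escaped link keeps only `href` and carries the whole value as data inside the URL.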
Changelog Records Vulnerabilities
The plugin’s official log of software updates (called a Changelog) makes reference to a Cross Site Request Forgery vulnerability.
The free Booster for WooCommerce plugin changelog contains the following notation for version 6.0.1:
“FIXED – EMAILS & MISC. – General – Fixed CSRF issue for Booster User Roles Changer.
FIXED – Added Security vulnerability fixes.”
Users of the plugin should consider updating to the very latest version of the plugin.
Read the advisory at the U.S. Government National Vulnerability Database
Read a summary of the vulnerability at the WPScan site
Booster for WooCommerce – Reflected Cross-Site Scripting