WordPress Plugin Vulnerability Report – Booster for WooCommerce – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-5638

Plugin Name: Booster for WooCommerce

Key Information:

  • Software Type: Plugin
  • Software Slug: woocommerce-jetpack
  • Software Status: Active
  • Software Author: pluggabl
  • Software Downloads: 3,411,990
  • Active Installs: 60,000
  • Last Updated: October 18, 2023
  • Patched Versions: 7.1.3
  • Affected Versions: <=7.1.2

Vulnerability Details:

  • Name: Booster for WooCommerce <= 7.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
  • Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CVE: CVE-2023-5638
  • CVSS Score: 6.4 (Medium)
  • Publicly Published: October 18, 2023
  • Researcher: Lana Codes
  • Description: The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wcj_image' shortcode in versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Summary:

The Booster for WooCommerce plugin for WordPress has a vulnerability in versions up to and including 7.1.2 that allows authenticated contributors and above to execute Stored Cross-Site Scripting via the 'wcj_image' shortcode. This vulnerability has been patched in version 7.1.3.


Detailed Overview:

Authenticated contributors with permissions above the standard level can exploit a vulnerability in the Booster for WooCommerce plugin, specifically within the 'wcj_image' shortcode, for versions up to and including 7.1.2. The insufficient input sanitization and output escaping mechanisms make it possible for attackers to inject arbitrary web scripts. When a user accesses a page with this injected script, it will execute, potentially leading to malicious activities. Recognizing the risk, Lana Codes, the researcher who discovered this vulnerability, highlighted the importance of updating to the patched version to mitigate potential breaches.


Advice for Users:

  • Immediate Action: Update to version 7.1.3 immediately to secure your WordPress installations.
  • Check for Signs of Vulnerability: Monitor for any unexpected or unauthorized changes on your website, especially on pages with 'wcj_image' shortcodes. If you detect unusual activities, it could be a sign that the site has been compromised.
  • Alternate Plugins: Although a patch for the vulnerability is available, users might consider exploring plugins that offer similar functionality as a precaution.
  • Stay Updated: Ensure that all your plugins, especially Booster for WooCommerce, are consistently updated to the latest versions to prevent future vulnerabilities.

Conclusion:

The swift action from the plugin developers to rectify this vulnerability underscores the importance of timely updates and continuous monitoring. WordPress administrators are advised to make sure they have updated to version 7.1.3 or later to safeguard their installations against potential threats.


References:


Detailed Report:

Keeping your WordPress site updated is one of the most important things you can do as a website owner. Outdated plugins and themes can introduce security risks that leave your site vulnerable to attacks. Unfortunately, a recently discovered vulnerability in a popular eCommerce plugin, Booster for WooCommerce, puts WordPress sites at risk.

Booster for WooCommerce is an active plugin with over 60,000 installs. It aims to optimize and enhance WooCommerce stores with various performance tools. However, versions up to and including 7.1.2 contain a vulnerability, tracked as CVE-2023-5638, that allows authenticated users with Contributor+ access to conduct cross-site scripting attacks.

Specifically, the vulnerability arises in the 'wcj_image' shortcode due to insufficient input sanitization. This enables attackers to inject arbitrary JavaScript that will execute when pages containing the shortcode are accessed. Through crafted scripts, attackers could potentially take over user accounts, steal data, or redirect visitors to malicious sites.

The developers have released Booster for WooCommerce version 7.1.3 to patch this vulnerability. All users should update immediately to ensure their WooCommerce sites are not at risk. To update, go to Plugins > Installed Plugins within your WordPress dashboard, find Booster for WooCommerce, and click "Update Now."

In addition to upgrading, be vigilant in monitoring your site for any unauthorized changes or suspicious activities. Attackers may have already exploited this vulnerability, so be proactive in identifying potential threats. Consider exploring alternative plugins as well, in case you want to switch from Booster for WooCommerce.

This is not the first vulnerability found in Booster for WooCommerce. In fact, researchers have identified over 20 vulnerabilities in the plugin since July 2018. This highlights the ongoing importance of staying up-to-date with the latest plugin versions to mitigate emerging threats.

As a small business owner, it can be difficult to stay on top of WordPress security. However, taking a few proactive steps can help safeguard your website. Set reminders to regularly check for plugin updates, enable automatic background updates if possible, and install a security plugin to scan for vulnerabilities. Staying vigilant about security will protect your business from the risks of an compromised site.

WordPress Plugin Vulnerability Report – Booster for WooCommerce – Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode – CVE-2023-5638 FAQs

Leave a Comment