WordPress Plugin Vulnerability Report – Kadence WooCommerce Email Designer – Cross-Site Request Forgery

Plugin Name: Kadence WooCommerce Email Designer

Key Information:

  • Software Type: Plugin
  • Software Slug: kadence-woocommerce-email-designer
  • Software Status: Active
  • Software Author: britner
  • Software Downloads: 1,533,682
  • Active Installs: 100,000
  • Last Updated: November 2, 2023
  • Patched Versions: 1.5.12
  • Affected Versions: <= 1.5.11

Vulnerability Details:

  • Name: Kadence WooCommerce Email Designer <= 1.5.11 - Cross-Site Request Forgery
  • Type: Cross-Site Request Forgery (CSRF)
  • CVSS Score: 4.3 (Medium)
  • Publicly Published: November 2, 2023
  • Description: The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.11. This is due to missing or incorrect nonce validation on the ajax_reset() and ajax_send_email() functions. This makes it possible for unauthenticated attackers to send test emails and reset the plugin's settings via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

Summary:

The Kadence WooCommerce Email Designer for WordPress has a vulnerability in versions up to and including 1.5.11 that allows unauthenticated attackers to send test emails and reset the plugin's settings via forged requests. This vulnerability has been patched in version 1.5.12.

Detailed Overview:

The Kadence WooCommerce Email Designer plugin is actively installed on over 100,000 WordPress sites. Researchers disclosed a cross-site request forgery (CSRF) vulnerability in the plugin on November 2, 2023. This impacts all versions up to and including 1.5.11.

The vulnerability exists because the ajax_reset() and ajax_send_email() functions lack proper nonce validation. This oversight makes it possible for unauthenticated attackers to send forged requests that reset the plugin's settings or send test emails if they can trick an administrator into clicking a link or taking another action.

While the CVSS score is 4.3 (Medium), this is still a serious vulnerability, since it provides an avenue for malicious actors to disrupt store operations or exfiltrate data via test emails. Users are advised to update immediately to version 1.5.12, which contains the fix.

Advice for Users:

  1. Immediate Action: Update to version 1.5.12 or newer as soon as possible.
  2. Check for Signs of Vulnerability: Review recent emails and plugin settings for unauthorized changes.
  3. Alternate Plugins: Consider WooCommerce Email Customizer as an alternate email customization plugin.
  4. Stay Updated: Ensure all WordPress plugins are kept updated to avoid future vulnerabilities.

Conclusion:

The prompt patch from the developers addresses this vulnerability for Kadence WooCommerce Email Designer users. All users should update to version 1.5.12 or newer immediately to protect their sites. Staying current with updates remains one of the best defenses against vulnerabilities.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/kadence-woocommerce-email-designer

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/kadence-woocommerce-email-designer/kadence-woocommerce-email-designer-1511-cross-site-request-forgery

Detailed Report:

Keeping your WordPress website and its plugins up-to-date is one of the most important things you can do to maintain security. Unfortunately, a serious vulnerability was recently disclosed that impacts users of the popular Kadence WooCommerce Email Designer plugin. Versions up to and including 1.5.11 contain a cross-site request forgery (CSRF) vulnerability that could allow attackers to disrupt your business by sending unauthorized emails or resetting plugin settings. Updating to the latest version will patch this security flaw. If you use this plugin, we strongly advise taking action immediately to protect your website. Our team is ready to help anyone concerned about their website security - don't hesitate to reach out. We know keeping on top of vulnerabilities can be challenging, but we're here to help you keep your site safe.

The Kadence WooCommerce Email Designer plugin allows store owners to customize and design their WooCommerce notification emails. It is actively used on over 100,000 WordPress sites. On November 2, 2023, researchers disclosed a CSRF vulnerability impacting all versions up to and including 1.5.11.

The vulnerability is a cross-site request forgery (CSRF) issue stemming from missing nonce validation on two key plugin functions - ajax_reset() and ajax_send_email(). This oversight enables unauthenticated attackers to send forged requests that reset plugin settings or send unauthorized test emails, if they can trick an admin into clicking a link.

The risks of this are significant. Attackers could disrupt store operations by resetting email settings, which could cause orders to go unfulfilled. They could also exfiltrate customer data by sending themselves transactional emails. The vulnerability has a CVSS score of 4.3 out of 10, meaning it is a medium-risk vulnerability.

Updating to version 1.5.12 patches the vulnerability by implementing proper nonce validation on the affected functions. Users should update immediately if running an older version. It's also important to review recent emails and plugin settings for any unauthorized changes.
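To make the "missing nonce validation" described above and the nonce validation that the patch adds concrete, here is an added illustration of the two handler patterns in WordPress AJAX code. It is not the plugin's own code: the function names, the action name hypothetical_reset, the option name, and the nonce field name security are all assumptions.

```php
<?php
/*
 * Added illustration (not the Kadence plugin's code): a WordPress admin-ajax
 * handler in a CSRF-prone form and in a hardened form. All names are
 * hypothetical; the WordPress API calls are real core functions.
 */

// Vulnerable pattern: the handler assumes any request reaching it came from
// the plugin's admin screen. The browser attaches the admin's session cookie
// to cross-site requests too, so any page the admin visits can trigger this.
function hypothetical_ajax_reset_vulnerable() {
    delete_option( 'hypothetical_email_designer_settings' );
    wp_send_json_success( 'settings reset' );
}

// Hardened pattern: the request must carry a nonce bound to this action and
// to the logged-in user's session, and the user must hold the capability.
// A forged cross-site request cannot know the nonce value.
function hypothetical_ajax_reset_hardened() {
    // Reads $_REQUEST['security'] and dies with HTTP 403 unless it verifies
    // for the action 'hypothetical_reset'.
    check_ajax_referer( 'hypothetical_reset', 'security' );

    // A nonce proves intent, not authority: check the capability as well.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( 'insufficient permissions', 403 );
    }

    delete_option( 'hypothetical_email_designer_settings' );
    wp_send_json_success( 'settings reset' );
}

// Register only the logged-in hook; wp_ajax_nopriv_{action} is deliberately
// not registered, so anonymous requests never reach the handler at all.
add_action( 'wp_ajax_hypothetical_reset', 'hypothetical_ajax_reset_hardened' );

// Issue the nonce to the plugin's own admin page so the legitimate UI can
// send it back in the 'security' field of its AJAX request.
function hypothetical_enqueue_admin_script() {
    wp_enqueue_script( 'hypothetical-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'hypothetical-admin', 'hypotheticalAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'hypothetical_reset' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'hypothetical_enqueue_admin_script' );
```

When reviewing a plugin for this class of bug, look for every wp_ajax_ and wp_ajax_nopriv_ callback and confirm it calls check_ajax_referer() (or wp_verify_nonce()) and a current_user_can() check before performing a state-changing or email-sending action.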

Looking back, there has been one previous vulnerability in the Kadence WooCommerce Email Designer plugin since September 2022. This highlights the need to stay on top of updates not just for this plugin, but for all active plugins.

As a small business owner, keeping on top of vulnerabilities like this can be challenging. But it is critically important to keep your website and plugins updated. If you need help managing WordPress and plugin updates, consider enlisting the help of a managed service provider. They can handle updates and security monitoring, freeing you up to focus on your business. Don't let security fall through the cracks - your website is too important.

As a business owner, you don't have time to constantly monitor for WordPress vulnerabilities like this. At Your WP Guy, we become your outsourced IT team to handle security, updates, maintenance and support. Let us fully audit your site and plugins to assess any impact from this issue. We'll update everything to patched versions so you can rest easy knowing your site is locked down.

Focus on your business goals while we focus on your WordPress site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 for a free consultation on securing your online presence.
