Sunday, May 19, 2024
HomeCyber Security BlogsMalicious Code-Injection Enabled By WooCommerce's Pricing Plugin

Malicious Code-Injection Enabled By WooCommerce’s Pricing Plugin

A couple of security flaws in Envato’s WooCommerce Dynamic Pricing and Discounts plugin might allow unauthorized attackers to execute arbitrary malicious scripts into unencrypted websites. This can lead to a number of assaults, such as website redirections to phishing pages, the injection of malicious codes on product pages, and so on.

The plugin, which has over 19,700 purchases on Envato Market, provides a number of pricing and marketing tools for e-commerce websites, such as bulk pricing, tiered pricing, special offers, deals of the day, bundled pricing, flash sales, wholesale pricing, member pricing, individual pricing, behavioral pricing, loyalty programs, location-based pricing, and so on. It also allows for conditional price increases and other costs.

As per Ninja Technologies Network experts, the two unauthenticated flaws affect versions 2.4.1 and lower. The first one is a high-severity stored cross-site scripting (XSS) vulnerability, while the other is a medium-severity configuration export issue.

As per a Tuesday post by NinTechNet, the XSS flaw resides in the __construct method of the “wc-dynamic-pricing-and-discounts/classes/rp-wcdpd-settings.class.php” script.

“It lacks a capability check and a security nonce and thus is accessible to everyone, authenticated or not,” researchers explained. “An unauthenticated user can import the plugin’s settings. Because some fields aren’t sanitized, the attacker can inject JavaScript code into the imported JSON-encoded file.”

They said that if the code is successful, it would be run on every product page of the WooCommerce e-shop. Furthermore, attackers may substitute JavaScript code with any HTML elements, including a Meta Refresh tag, to reroute users and customers to a fraudulent website.

Furthermore, the import operation misses a safety nonce to protect from cross-site request forgery (CSRF) attacks, which occur when a user submits illegal orders from a website which the web app trusts.

The second flaw arises because a fundamental export operation lacks an ability check and is available to all users, authorized or not.

“An unauthenticated user can export the plugin’s settings, inject JavaSript code into the JSON file and reimport it using the previous vulnerability,” according to NinTechNet.

The vulnerabilities have been resolved in version 2.4.2, however, the CSRF check has not been corrected, according to the researchers.

Clients of WooCommerce, WordPress’s popular e-commerce platform, are no novices to needing to patch security issues, and it’s critical to stay on top of patching. WooCommerce, for example, pushed emergency remedies for a serious SQL injection security flaw in the main platform as well as a related plugin that was attacked as a zero-day flaw last month. The flaw may allow unauthorized cyberattackers to steal a trove of information out of a digital store’s database, including everything from consumer data and credit card information to staff credentials.



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us