WooCommerce patch released addressing WordPress design flaw - FullHost ®


A researcher at RIPS Technologies GmbH, Simon Scannell, detected and reported a file deletion vulnerability in WooCommerce, a very popular WordPress plugin for e-shops, that allows shop managers to delete certain files and then take over any administrator account.

This vulnerability was fixed in version 3.4.6, released on October 11, 2018. If you have already updated to version 3.4.6, your job is done. If you haven’t yet updated, download the latest release or go to your dashboard > Updates to complete the update.

If you are subscribed to our Managed WordPress Hosting automatic updates, this patch would have been applied automatically for you.

Details of this Vulnerability

While this patch addresses WooCommerce specifically, the flaw also exposes a design weakness in how WordPress handles privileges: a role's capabilities are stored in the database, and any restriction a plugin places on them only applies while that plugin is loaded. Deleting the plugin's main file disables the plugin, and its restrictions disappear with it. That is how this file deletion bug escalates into remote code execution: an attacker disables WooCommerce, uses the now-unrestricted capabilities of the shop manager role to edit an administrator's account, and as administrator can upload a plugin or edit theme files to run arbitrary code.

In plain language: if an attacker gains control of a shop manager account (for example through an XSS vulnerability or a phishing attack), they can exploit this bug to take over any administrator account and execute whatever code they like, compromising the whole WordPress installation.
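The class of bug behind this advisory, as an added illustration written for this page and not WooCommerce's own code: a delete handler that appends a request-supplied file name to a fixed log directory, beside a hardened version that confines the deletion to that directory. The directory constant, the function names and the sample files are assumptions made for the demo.

```php
<?php
// Added illustration for this advisory, not WooCommerce's own code. It shows
// the bug class involved: a delete handler that appends a request-supplied
// file name to a fixed directory without confining the result to it.
// EXAMPLE_LOG_DIR and the function names are hypothetical.

define('EXAMPLE_LOG_DIR', sys_get_temp_dir() . '/example-logs/');

// Vulnerable form: "../" segments in $name walk out of the log directory,
// so anyone who can reach this handler can delete any file the web server
// user is allowed to remove, including a plugin's main file.
function delete_log_unsafe(string $name): bool
{
    $path = EXAMPLE_LOG_DIR . $name;
    return is_file($path) && unlink($path);
}

// Hardened form: keep only the final path component, resolve the real path,
// and refuse anything that does not land inside the log directory.
function delete_log_safe(string $name): bool
{
    $name = basename($name);                 // drops every directory component
    if ($name === '' || $name[0] === '.') {  // no ".", "..", or hidden files
        return false;
    }
    $base = realpath(EXAMPLE_LOG_DIR);
    $path = realpath(EXAMPLE_LOG_DIR . $name);  // false when the file is missing
    if ($base === false || $path === false || !is_file($path)) {
        return false;
    }
    // realpath() follows symlinks, so a symlinked log pointing outside the
    // directory fails this prefix check as well.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return false;
    }
    return unlink($path);
}

// Demo with constructed files: a log inside the directory and a decoy one
// level up that stands in for a plugin's main file.
@mkdir(EXAMPLE_LOG_DIR, 0700, true);
file_put_contents(EXAMPLE_LOG_DIR . 'shop.log', "constructed log line\n");
$decoy = sys_get_temp_dir() . '/example-plugin.php';
file_put_contents($decoy, "<?php // constructed decoy\n");

$traversal = '../example-plugin.php';
printf("safe handler, traversal name: %s, decoy still present: %s\n",
    var_export(delete_log_safe($traversal), true),
    var_export(is_file($decoy), true));
printf("safe handler, plain log name: %s\n",
    var_export(delete_log_safe('shop.log'), true));
printf("unsafe handler, traversal name: %s, decoy still present: %s\n",
    var_export(delete_log_unsafe($traversal), true),
    var_export(is_file($decoy), true));
```

Run it with `php` from the command line: the hardened handler refuses the traversal name and leaves the decoy in place, while the unsafe handler removes it. In a real WordPress handler the path check is only one layer; the handler should also sit behind a capability check and a nonce, because, as the advisory explains, a role's capabilities are only as restricted as the plugin that is still loaded to restrict them.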

While any vulnerability is important to patch, the slightly better news about this one is that exploiting it requires access to a shop manager account.

What is WooCommerce

WooCommerce is an immensely popular plugin for WordPress, with estimates of approximately 3.3 million online e-shops using WooCommerce worldwide.

It provides a scalable and flexible solution that allows you to sell basically anything you offer, with shipping and payment integration as well.

Posted in Security and Vulnerabilities
