what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress WooCommerce 2.2.10 Cross Site Scripting

WordPress WooCommerce 2.2.10 Cross Site Scripting
Posted Feb 19, 2015
Authored by Eric Flokstra

WordPress WooCommerce plugin version 2.2.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3050b4f52a9bef799cfb09247cc5c4345f9a7d45e75923cfb83f6d4f552d9cff

WordPress WooCommerce 2.2.10 Cross Site Scripting

Change Mirror Download
====================================================
Product: WooCommerce WordPress plugin
Vendor: WooThemes
Tested Version: 2.2.10
Vulnerability Type: Cross-Site Scripting [CWE-79]
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Solved in version 2.2.11
Discovered and Provided: Eric Flokstra - ITsec Security Services
====================================================
[-] About the Vendor:

WooCommerce is a popular open source WordPress e-commerce plugin with
around 6.2 million downloads.It is built by WooThemes and designed for
small to large-sized online merchants.

[-] Advisory Details:

The WooCommerce plugin gives users the ability to see their stores
performance from month to month using graphs and stats. However
insufficient validation on the request retrieving the reports is
performed, enabling remote execution of arbitrary scripting code in the
target's web browser. This scripting code will be executed within the
security context of the WordPress admin panel.

[-] Proof of Concept:

http://example.com/wordpress/wp-admin/admin.php?page=wc-reports&"><script>alert('ITsec')</script
<http://example.com/wordpress/wp-admin/admin.php?page=wc-reports&%E2%80%9D%3e%3cscript%3ealert%28%27ITsec%27%29%3c/script>>


[-] Disclosure Timeline:

[28 Jan 2015]: Vendor notification
[29 Jan 2015]: Vulnerability confirmation
[29 Jan 2015]: Vulnerability patched
[19 Feb 2015]: Public disclosure

[-] Solution:

Update to version 2.2.11.

[-] References:

[1] WooCommerce Changelog --
https://wordpress.org/plugins/woocommerce/changelog/
[2] Common Vulnerabilities and Exposures (CVE) -- http://cve.mitre.org
[3] Common Weakness Enumeration (CWE) -- http://cwe.mitre.org
[4] ITsec Security Services BV -- http://www.itsec.nl

------------------------------------------------------------------------
ITsec Security Services bv. (KvK. 34181927)

Postal Address:
P.O. Box 5120, 2000GC Haarlem
Visitors Address:
Kenaupark 23, 2011 MR Haarlem

Phone: +31 - (0)23 542 05 78

The information contained in this email communication is confidential and is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. If you are not the intended recipient, you are hereby notified that any disclosure, copying,distribution, or taking any action in reliance of the contents of this information is strictly prohibited and may be unlawful. No rights may be attached to this message. ITsec does not accept any liability for incorrect and incomplete transmission or delayed receipt of this e-mail nor for the effects or damages caused by the direct or indirect use of the information or functionality provided by this posting, nor the content contained within.Use them at your own risk.



Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close