A new WordPress vulnerability has been discovered which has put WooCommerce stores at risk. WooCommerce, being one of the most popular e-commerce solutions around, has had its user privilege assignments compromised due to a WordPress vulnerability. The said vulnerability has exploited attackers to hijack WooCommerce websites.
Simon Scannel, a security researcher from RIPS technologies, mentioned in his blog post that the flaw specifically impacts WooCommerce.
The vulnerability allows shop managers to delete certain files on the server and then to take over any administrator account.
A file deletion bug, which at first wasn’t seen as harmful, allowed attackers to delete index.php files causes a denial of service. However, when it is combined with WordPress, its severity increases.
The vulnerability allows shop managers to misuse their privileges and execute remote code on impacted websites. The WooCommerce plugin assigns roles that include customer, shop manager and admin. The shop manager can manage all the settings of the WooCommerce store, including creating and editing products.
The bug will allow shop managers to open the vulernable log in WordPress. By injecting a payload, the shop manager could delete the WooCommerce plugin which disables the run-time restrictions. This will allows the shop manager to take over the admin account of that store.
“Arbitrary file deletion vulnerabilities aren’t considered critical in most cases as the only thing an attacker can cause is a Denial of Service by deleting the index.php of the website,” Scannell wrote. “[We] detail how deleting certain plugin files in WordPress can disable security checks and then leads to a full site takeover.”
Scannel also stated that anyone with a shop manager role can conduct such an exploit. However, the exploit has a drawback. If a shop does decide to go through with the attack, all the data on the target store will be lost.
An attacker can easily access the shop manager role through the XSS vulnerability to exploit the discovered flaw which will give access to admin accounts. The attacker can also execute this through a phishing campaign which will make an attack chain possible.
WordPress has seen a number of such vulnerabilities and is often considered as the most targetted CMS in the world. This is because of its popularity and the massive number of websites that are built on WordPress. This makes WordPress a huge target for attackers everywhere.
The post WordPress Vulnerability Discovered – Puts WooCommerce Stores at Risk! appeared first on WPblog.