An authentication bypass vulnerability in a popular WordPress plugin enables attackers to take complete control over WordPress-powered ecommerce websites, researchers have revealed.
The Wordfence Threat Intelligence team discovered the vulnerability in the Booster for WooCommerce WordPress plugin, which boasts a user base of over 100,000 websites.
The Booster plugin offers over 100 features available in the WooCommerce plugin that helps setup ecommerce stores on WordPress installations.
- Here’s a list of the best Wordpress plugins
- Also take a look at these best WordPress themes
- These are the best WordPress SEO plugins
“This flaw made it possible for an attacker to log in as any user, as long as certain options were enabled in the plugin,” writes Wordfence's Chloe Chamberland.
Forging identities
With a CVSS score of 9.8, Chamberland explains that the vulnerability existed in the plugin’s Email Verification module. The module requires users to verify their email after they have registered on the site.
However, the module didn’t perform the necessary security checks, making it possible for attackers to send a fake verification request as any user and essentially be able to log in with the forged identity.
“As such, an attacker could exploit this vulnerability to gain administrative access on sites running a vulnerable version of the plugin and effectively take-over the site,” explains Chamberland.
A patched version of the plugin has already been released, and Wordfence urges users of the plugin to upgrade to the latest release without delay.
- Secure your WordPress websites with the best WordPress security plugins
