Critical WordPress plugin bug puts thousands of sites in danger

An abstract image of padlocks overlaying a digital background.
(Image credit: Shutterstock)

An authentication bypass vulnerability in a popular WordPress plugin enables attackers to take complete control over WordPress-powered ecommerce websites, researchers have revealed.

The Wordfence Threat Intelligence team discovered the vulnerability in the Booster for WooCommerce WordPress plugin, which boasts a user base of over 100,000 websites.

The Booster plugin offers over 100 features available in the WooCommerce plugin that helps setup ecommerce stores on WordPress installations

“This flaw made it possible for an attacker to log in as any user, as long as certain options were enabled in the plugin,” writes Wordfence's Chloe Chamberland.

Forging identities

With a CVSS score of 9.8, Chamberland explains that the vulnerability existed in the plugin’s Email Verification module. The module requires users to verify their email after they have registered on the site. 

However, the module didn’t perform the necessary security checks, making it possible for attackers to send a fake verification request as any user and essentially be able to log in with the forged identity.

“As such, an attacker could exploit this vulnerability to gain administrative access on sites running a vulnerable version of the plugin and effectively take-over the site,” explains Chamberland.

A patched version of the plugin has already been released, and Wordfence urges users of the plugin to upgrade to the latest release without delay.   

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.