Discovered by Wordpress security (opens in new tab) experts at Wordfence (opens in new tab), the vulnerability exists in the Variation Swatches for WooCommerce plugin, an extension for the popular WooCommerce plugin (opens in new tab) that enables ecommerce (opens in new tab) sites to display and sell multiple variations of a single product.
The plugin has a user base of 80,000 installations that were affected by the stored cross-site scripting (XSS) vulnerability
Chamberland says the vulnerability exists because the plugin relies on various AJAX actions for managing settings, which weren’t implemented securely. This allowed even the lowest authenticated user with minimal permissions to execute AJAX actions associated with the vulnerable functions.
“As always, malicious web scripts can be crafted to inject new administrative user accounts or even modify a plugin or theme file to include a backdoor which in turn would grant the attacker the ability to completely take over a site,” said Chamberland, commenting on the implications of the bug.
The developers of the plugin have fixed the flaw and released a patched version of the extension, urging all its users to make sure their installations are fully updated.