Jessica Haworth 19 October 2020 at 14:45 UTC
Flaw in popular add-on allows any logged-in customer to achieve admin status
A critical vulnerability in a WordPress plugin with more than 70,000 active installations could grant an attacker full administrative access, including the ability to modify the site’s database and take over the site.
The bug in TI WooCommerce Wishlist has been patched in the latest version (1.21.12). Users are being urged to update as soon as possible, as the vulnerability is currently being exploited in the wild.
Security researchers from NinTechNet described how a lack of a capability check and other flaws could enable a malicious actor to take control of a target site running the plugin.
A blog post reads: “The plugin has an import function in the script, loaded with the WordPress , that lacks a capability check and security nonce, allowing an authenticated user to modify the content of the WordPress options table in the database.
“Hackers use it to enable registration by setting the option and then create an admin account by changing the option to administrator.”
WooCommerce blocks non-admin users from entering the WordPress administrative dashboard by default, but that restriction does not stop the attack: a bad actor could bypass it as well.
“Because WooCommerce allows customer registration, any logged-in customer can exploit this vulnerability,” NinTechNet said.
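The pattern NinTechNet describes, a settings import handler hooked into WordPress admin initialisation with no capability check and no nonce, is shown below beside a hardened version. This is an added example written for this article, not code from the TI WooCommerce Wishlist plugin or from NinTechNet’s write-up; the hook, the function names and the request parameter names (`tiwl_import`, `settings`, `tiwl_import_nonce`) are hypothetical placeholders, and the code assumes it is loaded as WordPress plugin code so that the WordPress API functions it calls are available. The option names `users_can_register` and `default_role` are WordPress’s own. One WordPress behaviour worth knowing when reading it: `admin_init` also fires for `admin-ajax.php` requests, which a logged-in customer can reach even when the dashboard itself is closed to them, so a dashboard block on its own is not a capability check.

```php
<?php
/*
 * Added example, not the plugin's code. Assumes it runs inside WordPress
 * (add_action, current_user_can, check_admin_referer, update_option,
 * wp_unslash, sanitize_text_field and wp_die are WordPress core functions).
 * Hook name, function names and request parameter names are hypothetical.
 */

// Vulnerable pattern: runs on admin_init for any logged-in user and writes
// whatever option names and values the request carries. Nothing here asks
// "may this user change settings?" or "did this request come from our form?".
function example_import_settings_vulnerable() {
    if ( empty( $_POST['tiwl_import'] ) || empty( $_POST['settings'] ) ) {
        return;
    }
    foreach ( (array) $_POST['settings'] as $name => $value ) {
        // A customer can send users_can_register => 1 and
        // default_role => 'administrator', then register an admin account.
        update_option( $name, $value );
    }
}

// Hardened pattern: capability check, nonce check, and a fixed allow-list of
// option names so the handler can only touch the plugin's own settings.
function example_import_settings_hardened() {
    if ( empty( $_POST['tiwl_import'] ) ) {
        return;
    }

    // 1. Capability: only users who may manage site options get this far.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    // 2. CSRF: the request must carry the nonce that wp_nonce_field(
    //    'tiwl_import_settings', 'tiwl_import_nonce' ) put on the plugin's form.
    //    check_admin_referer() dies on a missing or invalid nonce.
    check_admin_referer( 'tiwl_import_settings', 'tiwl_import_nonce' );

    // 3. Allow-list: request data must never choose the option name.
    //    These two names are hypothetical plugin settings.
    $allowed  = array( 'tiwl_wishlist_page', 'tiwl_button_text' );
    $settings = isset( $_POST['settings'] )
        ? (array) wp_unslash( $_POST['settings'] )
        : array();

    foreach ( $settings as $name => $value ) {
        if ( ! in_array( $name, $allowed, true ) ) {
            continue; // drops users_can_register, default_role and anything else
        }
        update_option( $name, sanitize_text_field( $value ) );
    }
}

add_action( 'admin_init', 'example_import_settings_hardened' );
```

Because the bug is being exploited in the wild, updating the plugin alone is not enough: also confirm that `users_can_register` and `default_role` still hold the values you expect and review the user list for administrator accounts you did not create, since an account added through this route survives the patch.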
TI WooCommerce Wishlist is a tool used by e-commerce sites that enables customers to add products to a wishlist.
Data suggests that there are around 70,000 active installations. More than half of these have updated to at least version 1.21, though it isn’t clear how many users are using the most up-to-date release.
This indicates that thousands of users could be vulnerable to attack.