Critical WordPress plugin bug puts thousands of sites at risk
An authentication bypass vulnerability in a WordPress plugin allows attackers to take full control of WordPress-powered e-commerce sites, researchers revealed.
The Wordfence Threat Intelligence team discovered the vulnerability in the Booster for WordPress WooCommerce Extension, which has a user base of over 100,000 websites.
The Booster plugin offers over 100 additional features for the WooCommerce plugin, which is used to set up e-commerce stores on WordPress installations.
“This flaw allowed an attacker to connect as a user, as long as certain options were enabled in the plugin,” wrote Chloe Chamberland of Wordfence.
The vulnerability, rated 9.8 on the CVSS scale, existed in the plugin's email verification module, Chamberland explains. The module asks users to verify their email address after registering on the site.
However, the module failed to perform the necessary security checks, so an attacker could send a forged user verification request and log in under that forged identity.
“As such, an attacker could exploit this vulnerability to gain administrative access to sites running a vulnerable version of the plugin and effectively take over the site,” explains Chamberland.
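As an added illustration that is not part of this article and is not the Booster plugin's own code, the Python sketch below contrasts the general weakness described above (a verification handler that trusts whatever account the request names) with a handler that validates a per-user, hashed, expiring, single-use token before marking the account verified. The in-memory user store, the function names and the 24-hour token lifetime are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Constructed in-memory user store standing in for the WordPress user tables.
# user_id -> record holding only a hash of the verification token (assumption).
USERS = {}
TOKEN_TTL = 24 * 3600  # assumed token lifetime in seconds


def register(user_id, email, now):
    """Create an unverified account and return the one-time token that would be
    emailed to the user. Only the SHA-256 hash of the token is stored, so a
    database read does not yield a usable token."""
    token = secrets.token_urlsafe(32)
    USERS[user_id] = {
        "email": email,
        "verified": False,
        "token_hash": hashlib.sha256(token.encode()).hexdigest(),
        "token_expires": now + TOKEN_TTL,
    }
    return token


def verify_insecure(user_id, token, now):
    """Illustrative weak handler: it marks the account verified and returns a
    session for the user id named in the request without ever checking the
    token. Any request that names an existing account succeeds, which is the
    class of flaw the article describes."""
    if user_id in USERS:
        USERS[user_id]["verified"] = True
        return user_id  # caller treats this as "logged in as user_id"
    return None


def verify_secure(user_id, token, now):
    """Hardened handler: the token must belong to this user, be unexpired,
    match the stored hash in constant time, and may be used only once."""
    user = USERS.get(user_id)
    if user is None or user["verified"] or user["token_hash"] is None:
        return None
    if now > user["token_expires"]:
        return None
    presented = hashlib.sha256(token.encode()).hexdigest()
    if not hmac.compare_digest(presented, user["token_hash"]):
        return None
    user["verified"] = True
    user["token_hash"] = None  # single use: the link cannot be replayed
    return user_id


if __name__ == "__main__":
    t0 = 1_000_000
    tok = register("alice", "alice@example.test", t0)
    print("insecure, garbage token:", verify_insecure("alice", "garbage", t0))
    tok = register("bob", "bob@example.test", t0)
    print("secure, wrong token:", verify_secure("bob", "garbage", t0))
    print("secure, right token:", verify_secure("bob", tok, t0))
    print("secure, replayed token:", verify_secure("bob", tok, t0))
```

The point of the contrast is that the secure path derives the account from the stored record that the presented token matches, rather than from an attacker-controlled field, and that the token is bound to one user, one time window and one use.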
A patched version of the plugin has already been released, and Wordfence urges users of the plugin to upgrade to the latest version without delay.