An authenticated (admin and above) stored cross-site scripting (XSS) vulnerability has been discovered in the Abu Bakar TWB Woocommerce Reviews plugin, affecting versions 1.7.5 and below. This vulnerability could allow an attacker to execute arbitrary JavaScript code in a victim's browser when they access the vulnerable site, potentially leading to sensitive information leakage, unauthorized access, website defacement, or other malicious actions.
Details
This vulnerability exists in the Abu Bakar TWB Woocommerce Reviews plugin integrated in WordPress websites. The issue stems from improper sanitization of user input while creating or updating reviews.. An attacker with admin or higher privileges can exploit this vulnerability by injecting malicious JavaScript code into a review, which will then be stored and executed when the review is displayed to other users.
Install and activate the Abu Bakar TWB Woocommerce Reviews plugin (v1.7.5 or lower).
3. Create or edit a review in the plugin, and insert the following payload into the review content: "><script>alert('XSS');</script>.
4. Save the review and have another user (for example, another admin or a customer) view the crafted review.
5. Upon viewing the review, the JavaScript code will execute, displaying an alert box with the text "XSS". This demonstrates the stored XSS vulnerability.
Exploiting this vulnerability, an attacker could replace the example payload with more advanced and malicious payloads to perform various attacks on the target site and its users, such as stealing session cookies, redirecting users to malicious websites, or executing unauthorized actions on behalf of the users.
References
- CVE-2023-47653 - From the Common Vulnerabilities and Exposures database: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47653
- Abu Bakar TWB Woocommerce Reviews Plugin Homepage: https://wordpress.org/plugins/twb-woocommerce-reviews/
Mitigation
To mitigate this vulnerability, it is highly recommended that users upgrade to the latest version of the plugin as soon as possible. Alternatively, users can deactivate and remove the vulnerable plugin and look for a secure alternative until a patch is released.
Vendor Status
The vendor has been notified of the vulnerability, and a patch is expected to be released soon.
Conclusion
The authenticated stored XSS vulnerability discovered in the Abu Bakar TWB Woocommerce Reviews plugin (v1.7.5 and below) poses a security risk to websites using the plugin and their users. By updating the plugin or implementing other security measures, website owners can help protect themselves and their users from potential malicious attacks.
Timeline
Published on: 11/14/2023 19:15:31 UTC
Last modified on: 11/17/2023 15:56:48 UTC