CVE-2024-1954 - Critical Vulnerability in Oliver POS WooCommerce Plugin Leaves Your WordPress Site at Risk

A vulnerability tracked as CVE-2024-1954 has been disclosed in the Oliver POS WooCommerce plugin for WordPress. It affects all versions up to and including 2.4.1.8 and allows an unauthenticated attacker to trigger unauthorized actions through Cross-Site Request Forgery (CSRF), provided the attacker can get a logged-in site administrator to issue a forged request from their browser.

Oliver POS is a widely used point-of-sale (POS) plugin for WooCommerce, which makes the issue particularly relevant to WordPress site owners who rely on it for their store's operation. The vulnerability exists because of missing or incorrect nonce validation in the includes/class-pos-bridge-install.php file.

In this post, we'll explore the details of this vulnerability, the risks involved, how it can be exploited, and what you need to do to protect your site.

Exploit Details

The CSRF vulnerability stems from a flaw in nonce validation within the Oliver POS WooCommerce plugin. A WordPress nonce is a keyed hash tied to a specific action, the current user, that user's session token and a time window; despite the name it is not single-use and stays valid for up to 24 hours. Nonces are WordPress's primary CSRF defence because a page served from another origin has no way to obtain a nonce for the victim's session. Any handler that changes state on the strength of a request must therefore verify the nonce (with check_admin_referer() or wp_verify_nonce()) before acting. The affected code in the plugin does not validate this parameter correctly, so a forged request is accepted as if it had come from the site's own admin page.

If an attacker can trick a site administrator into performing an action, such as clicking a link to a page the attacker controls, that page can submit a request which the administrator's browser sends together with the administrator's session cookies, and the plugin acts on it as though the administrator had submitted the form. The unauthorized actions can include:

Code Snippet

The excerpt from the includes/class-pos-bridge-install.php file reproduced below shows the constructor of the install class.

public function __construct() {
  // Lifecycle hooks: WordPress core invokes these callbacks when the plugin is
  // activated, deactivated or uninstalled; they are not HTTP request handlers.
  register_activation_hook( __FILE__, array( &$this, "activate_plugin" ) );
  register_deactivation_hook( __FILE__, array( &$this, "deactivate_plugin" ) );
  register_uninstall_hook( __FILE__, array( __CLASS__, "uninstall_plugin" ) );
}

This excerpt only registers the activation, deactivation and uninstall callbacks. Those callbacks are run by WordPress core when an administrator activates, deactivates or deletes the plugin; they are not request handlers, so a nonce check does not belong in them (register_uninstall_hook also requires a static callback, which is why it is given __CLASS__ rather than $this, and the &$this form is a PHP 4-era idiom that plain $this replaces). The CSRF flaw lies in the request-processing code elsewhere in includes/class-pos-bridge-install.php, which accepts a state-changing request without a valid nonce; that code is not reproduced here, and the hooks above only fire as a consequence of what it does.
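The contrast the page is driving at, as an added example and not code from the Oliver POS plugin: a WordPress admin-post handler that changes an option without any nonce or capability check, beside the same handler written correctly. The hook names (example_pos_bridge_toggle and example_pos_bridge_toggle_vuln), the option key example_pos_bridge_enabled, the settings page slug and the choice of the manage_options capability are assumptions made for illustration; the plugin's real handler is not reproduced on this page.

```php
<?php
// Added example, not Oliver POS code. Hook names, option key, page slug and
// capability are assumptions chosen for illustration.

/* ---- VULNERABLE: acts on any request that reaches the hook ---- */

// admin-post.php dispatches to this for a logged-in user whenever a request
// carries action=example_pos_bridge_toggle_vuln. A form on an attacker's page
// submitted by an admin's browser arrives with the admin's cookies, so this
// handler cannot tell a forged request from a legitimate one.
function example_pos_bridge_toggle_vulnerable() {
    $enabled = isset( $_POST['bridge_enabled'] ) ? '1' : '0';
    update_option( 'example_pos_bridge_enabled', $enabled ); // no nonce, no capability check
    wp_safe_redirect( admin_url( 'admin.php?page=example-pos' ) );
    exit;
}
add_action( 'admin_post_example_pos_bridge_toggle_vuln', 'example_pos_bridge_toggle_vulnerable' );

/* ---- HARDENED: authorization first, then the CSRF token ---- */

function example_pos_bridge_toggle_hardened() {
    // 1. Authorization: a valid nonce proves intent, not permission.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', 403 );
    }
    // 2. CSRF: check_admin_referer() runs wp_verify_nonce() on $_REQUEST['_wpnonce']
    //    for this action and stops with "The link you followed has expired" when
    //    the nonce is missing or invalid. A cross-site form cannot know a nonce
    //    bound to this user's session, so a forged request dies here.
    check_admin_referer( 'example_pos_bridge_toggle' );

    $enabled = isset( $_POST['bridge_enabled'] ) ? '1' : '0';
    update_option( 'example_pos_bridge_enabled', $enabled );
    wp_safe_redirect( admin_url( 'admin.php?page=example-pos&updated=1' ) );
    exit;
}
add_action( 'admin_post_example_pos_bridge_toggle', 'example_pos_bridge_toggle_hardened' );

// The legitimate settings form. wp_nonce_field() emits the hidden _wpnonce and
// _wp_http_referer inputs that check_admin_referer() expects; the nonce is
// generated for the currently logged-in user, so only a page this site served
// to that user can carry a value the check will accept.
function example_pos_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_pos_bridge_toggle">
        <?php wp_nonce_field( 'example_pos_bridge_toggle' ); ?>
        <label>
            <input type="checkbox" name="bridge_enabled" value="1"> Enable POS bridge
        </label>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}
```

check_admin_referer() is the right call for admin-post.php and classic form submissions; wp_ajax_* handlers use check_ajax_referer(), and REST routes should register a permission_callback, since core validates the X-WP-Nonce header for cookie-authenticated REST requests. The two checks are not interchangeable: the capability check answers "may this user do this", the nonce check answers "did this request come from a page the site itself served to this user". A plugin that has only one of them is still exploitable by the other route.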

Conclusion

The CVE-2024-1954 vulnerability in the Oliver POS WooCommerce plugin poses a considerable risk for WordPress sites that use the plugin for their store. Update the plugin to the latest version (2.4.1.9 or later), which contains the fix for this CSRF issue.

In addition, because CSRF relies on a logged-in administrator's browser, be cautious about links received while logged in to the WordPress dashboard. Keeping plugins and themes up to date, together with these habits, minimizes the chance of the site being compromised this way.

Timeline

Published on: 02/28/2024 09:15:43 UTC
Last modified on: 02/28/2024 14:06:45 UTC