0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
WordPress Preview E-mails For WooCommerce 1.6.8 Cross Site Scripting Vulnerability
Author
Risk
[
Security Risk Medium
]0day-ID
Category
Date add
CVE
Platform
Description: Reflected Cross-Site Scripting Affected Plugin: Preview E-mails for WooCommerce Plugin Slug: woo-preview-emails Affected Versions: <= 1.6.8 CVE ID: CVE-2021-42363 CVSS Score: 6.1 (Medium) CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Chloe Chamberland Fully Patched Version: 2.0.0 Preview E-mails for WooCommerce is a simple plugin designed to give site owners the ability to preview the emails that are sent to customers via WooCommerce. Unfortunately, the plugin had a flaw that made it possible for attackers to inject malicious web scripts into the `digthis-woocommerce-preview-emails` page. As part of the plugin’s functionality, there is a feature to search orders and to generate an email preview based upon a specific order, so that an administrator or shop manager can see exactly what a specific user sees for the emails that get sent out. Unfortunately, the search_orders parameter, used to conduct the search, was reflected to the page and had no input sanitization or escaping upon output which made it possible for users to supply arbitrary scripts that would execute in the browser when the page was accessed with the payload set in the search_orders parameter. This meant that if an attacker could successfully convince a site administrator to click on a link, they could get malicious JavaScript to execute in that administrator’s browser. This script could be crafted to inject a new administrative user or even modify a plugin or theme file to include a backdoor which in turn would grant the attacker the ability to completely take over the site. Timeline November 1, 2021 – Conclusion of the plugin analysis that led to the discovery of a Reflected Cross-Site Scripting Vulnerability in the Preview E-mails for WooCommerce plugin. We validate that the Wordfence Firewall provides complete protection. We initiate contact with the developer. November 3, 2021 – The developer confirms the inbox for handling the discussion. November 4, 2021 – We send over the full disclosure details. October 8, 2021 – A fully patched version of the plugin is released as version 2.0.0. Conclusion In today’s post, we detailed a flaw in the Preview E-mails for WooCommerce plugin that made it possible for attackers to inject malicious web scripts into a page that would execute if an attacker successfully tricked a site administrator into performing an action. This flaw has been fully patched in version 2.0.0. We recommend that WordPress users immediately verify that their site has been updated to the latest patched version available, which is version 2.0.1 at the time of this publication. # 0day.today [2024-09-28] #