Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting

Related Vulnerabilities: CVE-2020-11727  
Publish Date: 05 May 2020
Author: Jack Misiura
Source 
                							

                Title: Reflected XSS

 

Product: WordPress WooCommerce - Advanced Order Export plugin.

 

Vendor Homepage: https://algolplus.com/plugins/downloads/advanced-order-export-for-woocommerce-pro/

 

Vulnerable Version: 3.1.3

 

Fixed Version: 3.1.4

 

CVE Number: CVE-2020-11727

 

Author: Jack Misiura from The Missing Link 

 

Website: https://www.themissinglink.com.au

 

Timeline:

 

2020-04-08 Disclosed to Vendor

2020-04-08 Vendor sends fix for testing

2020-04-09 Fix confirmed

2020-04-28 Vendor publishes fix

2020-05-04 Publication

 

1. Vulnerability Description

 

The WordPress Advanced Order Export WooCommerce plugin does not sanitise the woe_post_type parameter which can be passed through in the URL, allowing for HTML or JavaScript injection.

 

2. PoC

 

On a WordPress installation with WooCommerce and a vulnerable Advanced Order Export plugin, issue the following request while logged in as Administrator:

https://wp-site/wp-admin/admin.php?page=wc-order-export&tab=export&woe_post_type=%22%3E%3Cscript%3Ealert(1);#segment=common

 

3. Solution

 

The vendor provides an updated version (3.1.4) which should be installed immediately.

 

4. Advisory URL

 

https://www.themissinglink.com.au/security-advisories
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started