Two flaws in WordPress plugins impact numerous websites

June 28, 2023
Security Flaws Vulnerability WordPress CMS Plugins Abandoned Cart Lite Woocommerce BookIt

Two authentication bypass flaws in WordPress plugins that have tens of thousands of installs between them.

According to researchers, the first vulnerability is CVE-2023-2986, rated critical with a CVSS score of 9.8 out of 10. It affects Abandoned Cart Lite for WooCommerce, a plugin that reminds customers who did not complete checkout, and which has over 30,000 active installations.

The reminder the plugin sends contains a link that logs the customer in and takes them straight back to their cart. The link identifies the cart with an encrypted value. Researchers explained that the encryption key is not secret (it is the same on every installation), so an attacker who has it can encrypt other cart identifiers and craft working login links for other users' carts.

Exploitation is limited to accounts that have an abandoned cart, which in most cases means ordinary customers. If a site administrator has tested the abandoned-cart flow with their own account, however, the attacker can log in as that administrator, which can lead to full site compromise.
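The following is an added illustration, not code from Abandoned Cart Lite, of why an encrypted cart identifier is useless as a login credential when the key ships with the plugin, and of the usual fix: a random per-cart secret stored as a hash. The key material, function names and cart store are all hypothetical; it runs with plain PHP and the OpenSSL extension, no WordPress required.

```php
<?php
// Added illustration, not code from the plugin. Models the flaw (encrypt a cart
// id under a key every installation shares) next to a hardened alternative.

// Hypothetical key, identical on every site that installs the plugin.
const SHARED_KEY_MATERIAL = 'hypothetical-key-baked-into-plugin-source';

function shared_key(): string {
    return hash('sha256', SHARED_KEY_MATERIAL, true); // 32 bytes for AES-256
}

// Vulnerable pattern: the recovery link carries encrypt(cart_id). A fixed IV
// keeps the demo short; a random IV sent alongside the token changes nothing,
// because the forger chooses it too.
function vulnerable_cart_token(int $cart_id): string {
    $iv = substr(hash('sha256', 'iv', true), 0, 16);
    $ct = openssl_encrypt((string) $cart_id, 'aes-256-cbc', shared_key(), OPENSSL_RAW_DATA, $iv);
    return rtrim(strtr(base64_encode($ct), '+/', '-_'), '=');
}

function vulnerable_cart_from_token(string $token): ?int {
    $iv = substr(hash('sha256', 'iv', true), 0, 16);
    $ct = base64_decode(strtr($token, '-_', '+/'));
    $plain = openssl_decrypt($ct, 'aes-256-cbc', shared_key(), OPENSSL_RAW_DATA, $iv);
    return ($plain !== false && ctype_digit($plain)) ? (int) $plain : null;
}

// Attacker view: with the key in hand, mint a valid token for every cart id in
// a range and try each recovery link until one lands on a privileged account.
function forge_tokens(int $from, int $to): array {
    $tokens = [];
    for ($id = $from; $id <= $to; $id++) {
        $tokens[$id] = vulnerable_cart_token($id);
    }
    return $tokens;
}

// Hardened pattern: at cart creation, draw a 256-bit random secret, store only
// its hash next to the cart, and put the secret itself in the link. Nothing
// about the cart id lets anyone reconstruct it.
function issue_cart_secret(array &$cart_store, int $cart_id): string {
    $secret = bin2hex(random_bytes(32));
    $cart_store[$cart_id] = hash('sha256', $secret);
    return $secret;
}

function cart_secret_is_valid(array $cart_store, int $cart_id, string $secret): bool {
    if (!isset($cart_store[$cart_id])) {
        return false;
    }
    return hash_equals($cart_store[$cart_id], hash('sha256', $secret));
}

// Demo: forged tokens for carts 1..3 all decrypt cleanly on the "server" side.
foreach (forge_tokens(1, 3) as $id => $token) {
    printf("cart %d -> token %s -> decrypts to %s\n",
        $id, $token, var_export(vulnerable_cart_from_token($token), true));
}

// Demo: with random per-cart secrets, a guessed value is rejected.
$store = [];
$real = issue_cart_secret($store, 7);
var_dump(cart_secret_is_valid($store, 7, $real));
var_dump(cart_secret_is_valid($store, 7, str_repeat('0', 64)));
```

The point of the hardened half is that the link carries a bearer secret, not a derived value: the server has to look it up rather than compute it, so an attacker gains nothing from reading the plugin source. Storing only the hash means a database read does not hand out working links either.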

The developers of Abandoned Cart Lite have released a patch for the flaw, but thousands of websites have yet to update.

The second flaw is in BookIt.

Earlier this week, researchers also warned of CVE-2023-2834, another critical vulnerability with a CVSS score of 9.8 out of 10, in the BookIt plugin, which has over 10,000 active installations.

The plugin provides a shortcode that embeds an appointment booking calendar in a site's pages. Visitors book an appointment by entering their name, email address, and a password.

When a booking is submitted, the plugin looks up a user ID for the supplied email address. If the address belongs to an existing account, the request is attached to that account and the plugin sets authentication cookies for it without ever checking the password. As a result, an unauthenticated attacker who knows a user's email address can log in as that user, administrators included; the root cause is insufficient validation of the user-supplied booking input.
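As an added example, not BookIt's own code, here is the shape of that mistake in a WordPress form handler, next to a version that refuses to issue a session on the strength of an email address alone. The function names are hypothetical; `get_user_by`, `wp_set_auth_cookie`, `wp_signon`, `wp_verify_nonce`, `sanitize_email` and `is_email` are WordPress core functions, so this assumes it runs inside a loaded WordPress install.

```php
<?php
// Added illustration, not the plugin's code. Assumes WordPress is loaded.

/**
 * Vulnerable pattern: the email alone decides which account the booking is
 * tied to, and authentication cookies are issued for it unconditionally.
 *
 * @return int|WP_Error user ID now logged in, or an error
 */
function vulnerable_book_appointment(array $post) {
    $email = sanitize_email($post['email'] ?? '');
    $user  = get_user_by('email', $email);
    if ($user) {
        // No password check: anyone who knows the address becomes this user.
        wp_set_current_user($user->ID);
        wp_set_auth_cookie($user->ID);
        return $user->ID;
    }
    return new WP_Error('no_user', 'unknown email');
}

/**
 * Hardened pattern: a known email never yields a session by itself. Either the
 * caller is already logged in as that user, or they prove the password through
 * wp_signon(), which runs the normal WordPress authentication pipeline and only
 * sets cookies on success.
 *
 * @return int|WP_Error user ID the booking belongs to, or an error
 */
function hardened_book_appointment(array $post) {
    if (!wp_verify_nonce($post['_wpnonce'] ?? '', 'book_appointment')) {
        return new WP_Error('bad_nonce', 'request could not be verified');
    }

    $email = sanitize_email($post['email'] ?? '');
    if (!is_email($email)) {
        return new WP_Error('bad_email', 'invalid email address');
    }

    // Already authenticated: only allow booking for the account that is logged in.
    if (is_user_logged_in()) {
        $current = wp_get_current_user();
        if (strcasecmp($current->user_email, $email) !== 0) {
            return new WP_Error('email_mismatch', 'email does not match the logged-in account');
        }
        return $current->ID;
    }

    $user = get_user_by('email', $email);
    if (!$user) {
        // Unknown address: treat as a guest booking (guest flow omitted here);
        // never create a session for it.
        return new WP_Error('no_user', 'unknown email');
    }

    // Existing account: demand the password. wp_signon() verifies it and
    // sets authentication cookies only if it checks out.
    $signon = wp_signon([
        'user_login'    => $user->user_login,
        'user_password' => (string) ($post['password'] ?? ''),
        'remember'      => false,
    ], is_ssl());

    if (is_wp_error($signon)) {
        return $signon;
    }
    return $signon->ID;
}
```

The nonce check stops a third-party page from submitting the form on a logged-in visitor's behalf, and the logged-in branch prevents a visitor from re-pointing a booking at someone else's account. Note that returning a distinct error for an unknown email versus a wrong password lets an attacker confirm which addresses have accounts; a production handler would use one generic message for both.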

Site owners and administrators should check whether they run either plugin. Experts recommend updating to the patched versions as soon as possible.
