virus logo Outbreak Alert

WooCommerce Payments Improper Authentication Vulnerability

Released: Jul 26, 2023

Updated: Jul 27, 2023

Download PDF »

WooCommerce Payments Attack Vulnerability Tags

Medium Severity

WordPress Platform

Subscribe

Actively exploited to takeover WordPress websites

An authentication bypass vulnerability affecting the WooCommerce Payments plugin version 4.8.0 through 5.6.1. Successful exploitation of the vulnerability could allow an unauthorized attacker to gain admin privileges on the WordPress websites potentially leading to the site takeover, impersonate arbitrary users, including an administrator. Learn More »

Common Vulnerabilities and Exposures


Background

WooCommerce is a open-source commerce solution built on WordPress and WooCommerce Payments is a popular e-commerce payment plugin for WordPress sites designed for small to large-sized online merchants. According to Woo, the plugin has over 600,000 active installations.

Click here to analyze the

Real-Time Threat Map

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


July 17, 2023: Cybersecurity Researchers at wordfence released a detailed analysis on campaign targeting wordpress sites.
https://www.wordfence.com/blog/2023/07/massive-targeted-exploit-campaign-against-woocommerce-payments-underway/

July 18, 2023: FortiGuard released a Threat signal.
https://www.fortiguard.com/threat-signal-report/5223/


July 24, 2023: FortiGuard Labs has released an IPS signature to detect and block any attack attempts relating to the vulnerability (CVE-2023-28121) and has blocked attack attempts on upto more than 4000+ unique IPS devices.

To mitigate any further risks update the WooCommerce Payments plugin to version 5.6.2 and later.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT

  • AV

  • AV (Pre-filter)

  • IPS

  • Web App Security

DETECT

  • Outbreak Detection

  • Threat Hunting

RESPOND

  • Assisted Response Services

  • Automated Response

RECOVER

  • NOC/SOC Training

  • End-User Training

IDENTIFY

  • Attack Surface Hardening

  • Business Reputation

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.


References

Sources of information in support and relation to this Outbreak and vendor.


Hacker News

Learn More »
bleeping Computer

Learn More »
About FortiGuard Outbreak Alerts

Learn More »