Zero-Day Advisory
Fortinet Discovers WordPress WooCommerce Plugin Cross-Site Scripting Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a Cross-Site Scripting (XSS) vulnerability in WordPress WooCommerce plugin.
WooCommerce is the most popular WordPress eCommerce plugin. There are more than 1 million installs worldwide. The vulnerability is due to insufficiently sanitizing user-supplied inputs.
A remote attacker may be able to exploit this to inject malicious script code into the web pages generated by WooCommerce plugin. When victims view these crafted web pages via web browser, the injected script code will be automatically executed on behalf of the victims.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:WordPress.WooCommerce.Plugin.Order.Notes.XSS
Released Mar 17, 2015
Users should apply the solution provided by WordPress.
Additional Information
This is a persistent Cross-Site Scripting vulnerability. Any WordPress user can exploit it to inject arbitrary script code by placing a specially-crafted order.
References
Acknowledgement
This vulnerability was discovered by Zhouyuan Yang of Fortinet's FortiGuard Labs.