Fortinet Discovers WordPress Ultimate SMS Notifications Plugin CSV Injection Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a CSV Injection vulnerability in the WordPress Ultimate SMS Notifications for WooCommerce plugin.
Ultimate SMS Notifications for WooCommerce enables businesses to send messages, create mobile marketing campaigns, and reach their customers in over 200 countries and regions around the world.
The Ultimate SMS Notifications for WooCommerce plugin is vulnerable to CSV Injection via the 'Export Utility' functionality. An authenticated low-privilege user, such as a subscriber, can place untrusted input in billing fields like their First Name; that input is embedded unmodified into the CSV file an administrator exports, and can result in code execution when the file is downloaded and opened on a local system with a vulnerable spreadsheet configuration.
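The mitigation on the export side is to neutralise any cell that a spreadsheet would evaluate as a formula before it is written to the CSV. The following is an added example written for this advisory, not the plugin's own code; the order records, field names and function names are constructed for illustration.

```python
import csv
import io

# Characters that Excel, LibreOffice and Google Sheets treat as the start of a
# formula when they appear first in a cell. Leading spaces are stripped before
# the check because some applications ignore them before evaluating.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Constructed sample data: order 1001 carries a formula-like first name of the
# kind an untrusted billing field could contain.
FIELDNAMES = ["order_id", "first_name", "phone"]
SAMPLE_ORDERS = [
    {"order_id": 1001, "first_name": "=1+1", "phone": "+15550100"},
    {"order_id": 1002, "first_name": "Alice", "phone": "555-0100"},
    {"order_id": 1003, "first_name": 'Bob "B"', "phone": None},
]


def sanitize_csv_cell(value):
    """Force a cell to be stored as text so it is never evaluated as a formula."""
    text = "" if value is None else str(value)
    if text.lstrip(" ").startswith(FORMULA_TRIGGERS):
        # A leading apostrophe makes spreadsheet applications treat the cell as
        # a literal string; the apostrophe itself is not displayed. Legitimate
        # values such as "+1..." phone numbers are prefixed too; that is the
        # accepted trade-off for a file opened by an administrator.
        text = "'" + text
    return text


def export_orders_csv(orders, fieldnames):
    """Write order dicts to CSV text with every cell sanitised and quoted."""
    buf = io.StringIO()
    # QUOTE_ALL plus the default doublequote=True means embedded double quotes
    # are doubled, so a value cannot break out of its cell into a new one.
    writer = csv.DictWriter(buf, fieldnames=fieldnames,
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for order in orders:
        writer.writerow({k: sanitize_csv_cell(order.get(k)) for k in fieldnames})
    return buf.getvalue()


if __name__ == "__main__":
    print(export_orders_csv(SAMPLE_ORDERS, FIELDNAMES))
```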
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability: WordPress.Plugin.Ultimate.SMS.Notifications.CSV.Injection
Released Jan 17, 2020
Users should apply the solution provided by the Homescript Team.
Timeline
Fortinet reported the vulnerability to the Homescript Team on December 30, 2019.
The Homescript Team acknowledged the vulnerability on January 2, 2020.
The Homescript Team patched the vulnerability on December 18, 2020.