Flaws in WordPress eCommerce Plugin Expose Over 5,000 Websites

Thursday, April 30, 2015

Eduard Kovacs

Af7244bb99debb4a1152fa49a993a05c

Researchers at High-Tech Bridge have identified several vulnerabilities in TheCartPress, an eCommerce plugin installed on more than 5,000 WordPress websites.

According to experts, the plugin is plagued by security holes that can be exploited for cross-site scripting (XSS) attacks, arbitrary PHP code execution, and sensitive data disclosure.

Researchers uncovered several XSS vulnerabilities (CVE-2015-3300). One of them, a stored XSS, affects the checkout process and is caused by the lack of user input sanitization in some fields of the “Shipping address” and “Billing address” sections.

An unauthenticated attacker can exploit the vulnerability to inject malicious HTML or JavaScript code into vulnerable websites in an effort to target users and administrators, High-Tech Bridge said in its advisory.

Four other XSS flaws discovered by experts can be exploited by an attacker to get website administrators to execute arbitrary code by tricking them into clicking on a specially crafted link.

Read the rest of this story on SecurityWeek.com.

8723
Operating Systems SPAM Viruses & Malware Breaches CVE DB Vulns US-CERT
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.