Lucene search
Jack Misiura1337DAY-ID-34383HistoryMay 07, 2020 - 12:00 a.m.
WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting Vulnerability
2020-05-0700:00:00
Jack Misiura
0day.today
32
EPSS
0.002
Percentile
61.4%
Exploit for php platform in category web applications
Product: WordPress WooCommerce - Advanced Order Export plugin.
Vendor Homepage: https://algolplus.com/plugins/downloads/advanced-order-export-for-woocommerce-pro/
Vulnerable Version: 3.1.3
Fixed Version: 3.1.4
CVE Number: CVE-2020-11727
Author: Jack Misiura from The Missing Link
1. Vulnerability Description
The WordPress Advanced Order Export WooCommerce plugin does not sanitise the woe_post_type parameter which can be passed through in the URL, allowing for HTML or JavaScript injection.
2. PoC
On a WordPress installation with WooCommerce and a vulnerable Advanced Order Export plugin, issue the following request while logged in as Administrator:
https://wp-site/wp-admin/admin.php?page=wc-order-export&tab=export&woe_post_type=%22%3E%3Cscript%3Ealert(1);#segment=common
3. Solution
The vendor provides an updated version (3.1.4) which should be installed immediately.
# 0day.today [2020-07-19] #Related
cvelist
cvelist
CVE-2020-11727
2020-05-06 17:27:04
CVE-2021-27349
2021-03-31 21:34:09
openvas
openvas
prion
prion
Cross site scripting
2020-05-06 18:15:00
Design/Logic Flaw
2021-03-31 22:15:00
wpvulndb
wpvulndb
cve
cve
CVE-2020-11727
2020-05-06 18:15:11
CVE-2021-27349
2021-03-31 22:15:14
patchstack
patchstack
wpexploit
wpexploit
packetstorm
packetstorm
WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting
2020-05-05 00:00:00
nvd
nvd
CVE-2020-11727
2020-05-06 18:15:11
CVE-2021-27349
2021-03-31 22:15:14