WordPress Plugin Vulnerabilities
Booster for WooCommerce - Checkout Files Deletion via CSRF
Description
The plugins do not have CSRF check in place when deleting files uploaded at the checkout, allowing attackers to make a logged in shop manager or admin delete them via a CSRF attack
Proof of Concept
Requirements: - Enable the "Checkout File Upload" module of the plugin (/wp-admin/admin.php?page=wc-settings&tab=jetpack&wcj-cat=dashboard§ion=all_module) To delete the checkout files from the Order ID 1, Make a logged in shop manager or admin open: https://example.com/wp-admin/?wcj_download_checkout_file_admin_delete_all=1
Affects Plugins
References
CVE
Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
WPScan
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-10-31 (about 1 years ago)
Added
2022-10-31 (about 1 years ago)
Last Updated
2022-11-02 (about 1 years ago)