WordPress Design Flaw Leads to WooCommerce RCE

6 Nov 2018 by Simon Scannell
WordPress

A flaw in the way WordPress handles privileges can lead to a privilege escalation in WordPress plugins. This affects for example WooCommerce, the most popular e-commerce plugin with over 4 million installations. The vulnerability allows shop managers to delete certain files on the server and then to take over any administrator account.

Read More ...

Privilege Escalation in 2.3M WooCommerce Shops

26 Feb 2018 by Karim El Ouerghemmi, Slavco Mihajloski
WooCommerce Object Injection

The WordPress plugin WooCommerce runs on approximately 2,300,000 live websites1 and is currently the most prominent eCommerce platform used on the Web. During our research we discovered a PHP object injection vulnerability in WooCommerce that allows to escalate privileges. The vulnerability was responsibly disclosed to the Automattic security team and was fixed last year with the release of version 3.2.4. In this blog post we investigate how recent changes in the WordPress core database driver opened the doors for this vulnerability. Furthermore, we describe how the circumstances could be exploited with a unique and interesting injection technique.

Read More ...