WooCommerce Payments Bug Allows WordPress Site Takeover


Update WooCommerce Plugin Now!

A critical authentication bypass in WooCommerce Payments allows full site takeover and affects more than 500,000 sites.

If your site has Wordfence Premium, Wordfence Care, or Wordfence Response installed, it will have received a firewall rule on March 23, 2023 protecting it against this vulnerability. If your site is running the free version of Wordfence, the rule becomes available 30 days later, on April 22, 2023.

How the WooCommerce Payments Plugin Works

WooCommerce is an open-source e-commerce plugin for WordPress. It is designed for small to large-sized online merchants using WordPress.

WooCommerce Payments claims to securely accept major credit and debit cards and to let customers pay without leaving the WooCommerce store, with transactions viewed and managed from one place, the WordPress dashboard.

WooCommerce Payments Vulnerability Information

Description: Authentication Bypass and Privilege Escalation
Affected Plugin: WooCommerce Payments
Plugin Slug: woocommerce-payments
Plugin Developer: Automattic
Affected Versions: 4.8.0 – 5.6.1
CVE ID: Pending Information
CVSS Score: 9.8 (Critical)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fully Patched Version: 5.6.2
Researcher: Michael Mazzolini

The WooCommerce Payments plugin is a fully integrated payment solution for WooCommerce developed by Automattic. Unfortunately, it contained functionality designed to integrate with the WooCommerce Payments platform that allowed unauthenticated attackers to impersonate any user on the site in some contexts, which could then be used to gain full access to a site's administrator account. We are withholding additional details at this time to give users time to update.

According to WooCommerce, the vulnerability was disclosed by Michael Mazzolini of GoldNetwork via their HackerOne program.

What To Do?

  • Update the WooCommerce Payments plugin to the fully patched version, 5.6.2, or any later release.
  • Because an attacker who exploited this bug could have obtained administrator access, also change all administrator passwords and rotate payment gateway and WooCommerce API keys.
  • WooCommerce Payments is installed on over 500,000 sites, and this is a critical-severity (CVSS 9.8) vulnerability, so treat the update as urgent.

This vulnerability allows unauthenticated attackers to completely take over a vulnerable site, and we expect to see mass exploitation in the near future, and recommend that all users update to the latest version available, which is 5.6.2 at the time of this writing.
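The check-update-rotate procedure above, as an added example that is not part of the original article and not tooling from Automattic or Wordfence: a POSIX shell helper that decides whether an installed WooCommerce Payments version falls inside the affected range 4.8.0 to 5.6.1, and, when WP-CLI is available, updates the plugin, sets every administrator password to a random value and destroys their sessions. The function names (`vercmp`, `is_vulnerable`, `remediate`) are this example's own; it assumes `wp` is on PATH and that the script is run from the site root.

```shell
#!/bin/sh
# Added example, not from the advisory or from the WooCommerce project.
# Assumes WP-CLI ("wp") is installed and the script runs from the WordPress root.

# Compare two dotted versions on their first three numeric components.
# Prints -1, 0 or 1 for a < b, a = b, a > b. Trailing suffixes such as
# "-beta" are ignored; missing components count as 0 ("5.6" == "5.6.0").
vercmp() {
    a="$1"; b="$2"
    i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i" | sed 's/[^0-9].*//'); x=${x:-0}
        y=$(printf '%s' "$b" | cut -d. -f"$i" | sed 's/[^0-9].*//'); y=${y:-0}
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
        i=$((i + 1))
    done
    printf '%s\n' 0
}

# True (exit 0) when the version is in the affected range 4.8.0 .. 5.6.1 inclusive.
is_vulnerable() {
    v="$1"
    [ "$(vercmp "$v" 4.8.0)" -ge 0 ] && [ "$(vercmp "$v" 5.6.1)" -le 0 ]
}

# Update the plugin and rotate administrator credentials with WP-CLI.
# Passwords are set to random values and never printed: administrators
# regain access through the normal "Lost your password?" e-mail flow, so
# no credential that an attacker may have captured keeps working.
remediate() {
    command -v wp >/dev/null 2>&1 || { echo "wp-cli not found on PATH" >&2; return 2; }
    current=$(wp plugin get woocommerce-payments --field=version)
    if ! is_vulnerable "$current"; then
        echo "woocommerce-payments $current is not in the affected range 4.8.0-5.6.1"
        return 0
    fi
    echo "woocommerce-payments $current is vulnerable; updating to the latest release"
    wp plugin update woocommerce-payments
    for uid in $(wp user list --role=administrator --field=ID); do
        newpass=$(head -c 32 /dev/urandom | base64 | tr -d '/+=\n' | cut -c1-24)
        wp user update "$uid" --user_pass="$newpass"
        wp user session destroy "$uid" --all
        echo "reset password and destroyed sessions for administrator ID $uid"
    done
    echo "remember to rotate payment gateway and WooCommerce REST API keys separately"
}

# Only act when explicitly asked, so sourcing the file just defines the functions.
if [ "${1:-}" = "--run" ]; then
    remediate
fi
```

Run it as `sh check-wcpay.sh --run` from the site root; without `--run` it only defines the functions, so you can source it and call `is_vulnerable "$(wp plugin get woocommerce-payments --field=version)"` by hand first. The API key and gateway secret rotation still has to be done in the WooCommerce and payment-provider dashboards, since those secrets are not exposed through WP-CLI.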
