WordPress Plugin Vulnerabilities

Abandoned Cart Lite for WooCommerce < 5.2.0 - Unauthenticated Stored Cross-Site Scripting (XSS)

Description

The save_data() AJAX call, used by unauthenticated users, such as guest during the checkout process, does not sanitise or validate user input (for example billing_first_name, billing_last_name, and billing_company fields). This leads to a Stored Cross-Site Scripting issue which will be triggered in the admin dashboard.

Affects Plugins

Plugin icon
woocommerce-abandoned-cart
Fixed in 5.2.0
Plugin icon
woocommerce-abandoned-cart-pro
Fixed in 5.2.0

References

CVE
CVE-2019-25152
URL
https://www.wordfence.com/blog/2019/03/xss-flaw-in-abandoned-cart-plugin-leads-to-wordpress-site-takeovers/
URL
https://plugins.trac.wordpress.org/changeset/2033212/woocommerce-abandoned-cart

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
9.6 (critical)

Miscellaneous

Submitter
Ryan Dewhurst
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
915420b1-f476-481e-9b11-b736a7cfdda7

Timeline

Publicly Published
2019-03-11 (about 5 years ago)
Added
2019-03-11 (about 5 years ago)
Last Updated
2023-06-22 (about 10 months ago)

Other

Published
Title
Published
2024-03-29
Title
Tax Rate Upload <= 2.4.5 - Reflected Cross-Site Scripting
Published
2018-11-14
Title
Easy Custom Auto Excerpt <= 2.4.6 - XSS
Published
2023-12-27
Title
Custom Post Carousels with Owl < 1.4.7 - Authenticated (Editor+) Stored Cross-Site Scripting
Published
2022-08-29
Title
Visual Composer Website Builder < 45.0.1 - Authenticated Stored XSS via Text Block
Published
2014-04-25
Title
Geo Redirector <= 1.0.1 - XSS