The Common Vulnerabilities and Exposures (CVE) recently unveiled a 'Missing Authorization vulnerability' in the popular WooCommerce plugin - ByConsole WooODT Lite. This vulnerability affects plugin versions from n/a up to 2.4.6. It allows cybercriminals to exploit incorrectly configured access control security levels, presenting a severe threat to e-commerce websites.
ByConsole WooODT Lite is a WordPress plugin designed to assist WooCommerce store owners in managing their order delivery and pickup times. However, due to this vulnerability, attackers can potentially take control of user accounts, manipulate sensitive data, and compromise website security.
Code Snippet
The exploit is focused on the improper implementation of access control security levels, allowing attackers to modify users' roles.
function byconsolewooodt_user_role_update() {
$new_role_array = array();
foreach($_POST['byconsolewooodt_permission_levels'] as $index => $permission_level) {
$new_role_array[$permission_level] = $_POST['byconsolewooodt_allowed_roles'][$index];
}
update_option('byconsolewooodt_user_role_management', $new_role_array);
}
add_action('admin_post_byconsolewooodt_user_role_update', 'byconsolewooodt_user_role_update');
In this code snippet, the plugin allows each user with a certain role to access defined permissions without proper authorization. This oversight creates an opportunity for malicious attackers to exploit this vulnerability.
Exploit Details
A bad actor can exploit this vulnerability by gaining unauthorized access to modify user roles or order details within the WooCommerce plugin. The attacker would need to craft a malicious HTTP POST request to the admin post handling URL /wp-admin/admin-post.php with the following POST parameters:
'action': 'byconsolewooodt_user_role_update'
'byconsolewooodt_permission_levels[]': 'capability_name'
'byconsolewooodt_allowed_roles[]': 'role_name'
The attacker can then use this access to manipulate user accounts, order data, product stock, and more - creating havoc for the store owner.
There are two recommended steps that website owners should take to prevent exploitation
1. Update the plugin: ByConsole has released a fix for this vulnerability in their latest WooODT Lite version 2.4.7. Users are strongly advised to update the plugin to the most recent release to secure their website.
(Update link: https://wordpress.org/plugins/byconsole-woo-order-delivery-time/advanced/)
2. Implement proper authorization checks: Developers must ensure that proper access control mechanisms are implemented with suitable authorization checks for each user role and permissions to prevent unauthorized access to sensitive data and restricted actions.
To learn more about this vulnerability, consult the following resources
- CVE-2023-47179 Details: https://nvd.nist.gov/vuln/detail/CVE-2023-47179
- ByConsole WooODT Lite Plugin: https://wordpress.org/plugins/byconsole-woo-order-delivery-time/
- WPScan Vulnerability Database: https://wpscan.com/vulnerability/1297da78-81ae-4ce7-85bf-21e125ef2809
Conclusion
CVE-2023-47179 is a pressing vulnerability that can compromise WooCommerce stores using the ByConsole WooODT Lite plugin. It is crucial for store owners to update the plugin to the latest version and ensure proper authorization checks are in place to protect customers and their sensitive data.
Timeline
Published on: 01/02/2025 12:15:14 UTC