Wordfence experts have warned about a dangerous CSRF vulnerability affecting three popular WordPress plugins maintained by Xootix: Login/Signup Popup (20,000 installs), Side Cart Woocommerce (4,000 installs), and Waitlist Woocommerce (60,000 installs).
“The vulnerability allows an attacker to update arbitrary site settings, provided that he can trick the site administrator into performing some action, such as clicking on a link,” the experts say.
The bug is tracked as CVE-2022-0215 and has a CVSS score of 8.8 (high). The root cause is missing request validation in the AJAX handler that saves plugin settings: the handler does not verify a CSRF nonce, so a forged request sent from an authenticated administrator's browser is accepted. Worse, the handler is not limited to the plugin's own options, so the attacker can set the core WordPress option users_can_register ("Anyone can register") to true and switch default_role (the role assigned to every newly registered user) to administrator, then simply register an account and gain full control of the site.
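As an added illustration (this is not the Xootix plugins' code and not the exact handler Wordfence analyzed), the following shows the general shape of a WordPress AJAX settings handler that is vulnerable to this class of CSRF, followed by a hardened version. The action names, option names and the allowlist are hypothetical.

```php
<?php
// Added example, not code from the affected plugins. The action names
// "demo_save_settings" / "demo_save_settings_safe", the nonce action name and
// the option allowlist are assumptions made for this illustration.

// VULNERABLE pattern: reachable by any logged-in user through admin-ajax.php
// and writes whatever option name/value pairs the request carries. There is
// no nonce check, so a cross-site POST forged from an administrator's browser
// is accepted, and nothing stops it from targeting core options such as
// users_can_register=1 and default_role=administrator.
add_action( 'wp_ajax_demo_save_settings', 'demo_save_settings_vulnerable' );
function demo_save_settings_vulnerable() {
    $settings = isset( $_POST['settings'] ) ? (array) $_POST['settings'] : array();
    foreach ( $settings as $name => $value ) {
        update_option( $name, $value );
    }
    wp_send_json_success();
}

// HARDENED pattern.
add_action( 'wp_ajax_demo_save_settings_safe', 'demo_save_settings_hardened' );
function demo_save_settings_hardened() {
    // 1. CSRF: the request must carry a nonce minted for this action and user.
    //    A page on another origin cannot read the nonce, so it cannot forge it.
    //    check_ajax_referer() terminates the request if the nonce is invalid.
    check_ajax_referer( 'demo_settings_nonce', 'security' );

    // 2. Authorization: only administrators may change settings. Note that
    //    this alone would NOT stop CSRF, because the victim of CSRF is an
    //    administrator whose browser sends the forged request with valid cookies.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Allowlist: only the plugin's own options, each with its sanitizer.
    //    Core options such as users_can_register or default_role can never
    //    be reached through this handler.
    $allowed = array(
        'demo_popup_enabled' => 'absint',
        'demo_popup_title'   => 'sanitize_text_field',
    );
    $settings = isset( $_POST['settings'] ) ? (array) $_POST['settings'] : array();
    foreach ( $settings as $name => $value ) {
        if ( ! isset( $allowed[ $name ] ) ) {
            continue; // silently drop anything outside the allowlist
        }
        update_option( $name, call_user_func( $allowed[ $name ], wp_unslash( $value ) ) );
    }
    wp_send_json_success();
}

// Deliver the nonce to the plugin's own admin script so that legitimate
// requests from the settings page can include it as the "security" field.
add_action( 'admin_enqueue_scripts', function () {
    wp_enqueue_script( 'demo-settings', plugins_url( 'settings.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'demo-settings', 'demoSettings', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'demo_settings_nonce' ),
    ) );
} );
```

The three checks are complementary: the nonce ties the request to a page the administrator actually loaded, the capability check keeps lower-privileged users out, and the allowlist limits the damage even if the first two are ever bypassed. After updating the affected plugins, an administrator can confirm the two core options were not tampered with, for example with WP-CLI (`wp option get users_can_register` should be 0 unless the site intentionally allows registration, and `wp option get default_role` should normally be subscriber), and should review any recently registered accounts that hold the administrator role.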
The vulnerability was reported to the developer in November 2021 and has since been fixed in Login/Signup Popup version 2.3, Side Cart Woocommerce version 2.1, and Waitlist Woocommerce version 2.5.2.
“Although this CSRF vulnerability is unlikely to be widely exploited (because it requires administrator interaction), it can still have a noticeable impact on a successfully hacked site and serves as an important reminder to be vigilant when clicking on links and opening attachments, and to keep your plugins and themes updated regularly,” say the Wordfence experts.
Source: xaker.ru