Websites created with WordPress make up a large part of the pages on the internet. This means that in the event of a vulnerability, it could affect a large majority of sites. Some researchers have discovered a vulnerability that could affect nearly 90.000 Pages.
The security flaw would allow the attacker to update different options of the website and turn it into a vulnerable page to bypass the administrator's actions. This would mainly affect 3 parts of the WooCommerce online commerce plugin: Login, Cart and wishlist.
This type of attack occurs when an authenticated user is tricked into sending a request to the website specially created for the attack. The situation would worsen if the victim turns out to be one of the site administrators.
It is still not known when the plugin update will be released to fix this problem, although it is difficult to exploit this vulnerability since it requires interaction from a web administrator.
Fountain: The Hacker News
Image: Pixabay