WordPress WooCommerce Advanced Order Export 3.1.3 Cross Site Scripting

WordPress WooCommerce Advanced Order Export plugin version 3.1.3 suffers from a cross site scripting vulnerability.

MD5 | 4d813f18afcf977d88533a85efc4c0bf

Title: Reflected XSS

Product: WordPress WooCommerce - Advanced Order Export plugin.

Vendor Homepage: https://algolplus.com/plugins/downloads/advanced-order-export-for-woocommerce-pro/

Vulnerable Version: 3.1.3

Fixed Version: 3.1.4

CVE Number: CVE-2020-11727

Author: Jack Misiura from The Missing Link

Website: https://www.themissinglink.com.au


2020-04-08 Disclosed to Vendor

2020-04-08 Vendor sends fix for testing

2020-04-09 Fix confirmed

2020-04-28 Vendor publishes fix

2020-05-04 Publication

1. Vulnerability Description

The WordPress Advanced Order Export WooCommerce plugin does not sanitise the woe_post_type parameter which can be passed through in the URL, allowing for HTML or JavaScript injection.

2. PoC

On a WordPress installation with WooCommerce and a vulnerable Advanced Order Export plugin, issue the following request while logged in as Administrator:


3. Solution

The vendor provides an updated version (3.1.4) which should be installed immediately.

4. Advisory URL


Related Posts