WordPress Vulnerability

Cross Site Scripting in YITH WooCommerce Ajax Product Filter

June 22, 2020, by John Castro

Exploitation Level: Medium / Remote

DREAD Score: 6

Vulnerability: Cross-Site Scripting

Patched Version: 3.11.1


During a routine research audit for our Sucuri Web Application Firewall, we discovered a cross-site scripting (XSS) vulnerability affecting the 100,000+ users of the YITH WooCommerce Ajax Product Filter plugin.

Current State of the Vulnerability

This security bug was fixed in the 3.11.1 release. We are not aware of any exploit attempts currently using this vulnerability.

Disclosure / Response Timeline

  • Jun 4, 2020: Initial contact.
  • Jun 22, 2020: Patch is live.

Technical Details

As seen below, the code lacks proper user input sanitization. A successful attack forces the victim to execute unwanted actions while they are authenticated to their user account.

This essentially means that the vulnerability requires user interaction to be successful. If the correct conditions are met, however, an attack may result in malicious scripts being executed under the current user's context.

[Image: Cross-site scripting in YITH plugin]

By exploiting this vulnerability, an attacker can perform requests to add unwanted spam content or execute other malicious actions asynchronously based on the privilege level of the victim.
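The root cause described above is a request parameter reaching HTML output without sanitization or context-appropriate escaping. The following is an added illustrative example written for this article and is not code from the YITH plugin; it shows the generic vulnerable pattern beside the hardened form a WordPress developer would write. It assumes the WordPress escaping helpers (`sanitize_text_field`, `esc_attr`, `esc_html`) are available, and defines minimal stand-ins for them so the file also runs under plain PHP for demonstration. The function names `render_filter_vulnerable` and `render_filter_hardened` and the sample request are constructed for this example.

```php
<?php
// Added example (not the plugin's code): reflecting a request parameter into
// HTML unescaped versus sanitizing on input and escaping on output.
// Stand-ins are only used when the WordPress helpers are not loaded.
if (!function_exists('esc_attr')) {
    function esc_attr($text) { return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8'); }
}
if (!function_exists('esc_html')) {
    function esc_html($text) { return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8'); }
}
if (!function_exists('sanitize_text_field')) {
    function sanitize_text_field($text) { return trim(strip_tags((string) $text)); }
}

// Vulnerable pattern: the parameter is concatenated straight into markup, so
// any quotes or tags in the request become part of the page (reflected XSS).
function render_filter_vulnerable(array $request): string {
    $term = $request['filter'] ?? '';
    return '<input type="text" name="filter" value="' . $term . '">'
         . '<p>Filtering by: ' . $term . '</p>';
}

// Hardened pattern: normalise the value on input, then escape it on output for
// the context it lands in (attribute value vs. text node).
function render_filter_hardened(array $request): string {
    $term = sanitize_text_field($request['filter'] ?? '');
    return '<input type="text" name="filter" value="' . esc_attr($term) . '">'
         . '<p>Filtering by: ' . esc_html($term) . '</p>';
}

// Constructed sample input containing a quote and a tag, the characters that
// break out of the attribute in the vulnerable version.
$sample = ['filter' => '"><b>not a filter</b>'];
echo "Vulnerable:\n" . render_filter_vulnerable($sample) . "\n";
echo "Hardened:\n"   . render_filter_hardened($sample) . "\n";
```

In the vulnerable output the closing quote and tag from the request end the attribute early and inject markup; in the hardened output the quote is rendered as `&quot;` and the tag is stripped, so the value stays inert data in both the attribute and the text node. Escaping at output time for the specific HTML context is what closes this class of bug, and it is also what a WAF rule can only approximate from the outside.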

Update as Soon as Possible

To protect against this vulnerability, we strongly encourage YITH WooCommerce Ajax Product Filter users to update their plugin to version 3.11.1 as soon as possible.

Users that are unable to update immediately can leverage the Sucuri Web Application Firewall or equivalent technology to virtually patch the vulnerability.


Categories: Vulnerability Disclosure | Tags: Black Hat Tactics, Hacked Websites, WordPress Plugins and Themes, XSS

About John Castro

John Castro is Sucuri's Vulnerability Researcher who joined the company in 2015. His main responsibilities include threat intelligence and vulnerability analysis. John's professional experience covers more than a decade of pentesting, vulnerability research and malware analysis. When John isn't working with WordPress plugin vulnerabilities, you might find him hiking or hunting for new restaurants. Connect with him on LinkedIn.
