Stored Cross-Site Scripting in One Click Upsell Funnel Plugin for WordPress
CVE-2024-11938

6.4MEDIUM

Key Information:

Vendor: Wordpress
Status: One Click Upsell Funnel For WooCommerce – Funnel Builder For WordPress, Create WooCommerce Upsell, Post-purchase Upsell & Cross Sell Offers That Boost Sales & Increase Profits With Sales Funnel Builder
Vendor: CVE Published:; 21 December 2024

Summary

CVE-2024-11938 exposes a serious stored cross-site scripting (XSS) vulnerability in the One Click Upsell Funnel plugin for WooCommerce, specifically through the 'wps_wocuf_pro_yes' shortcode. This vulnerability impacts all versions up to and including 3.4.9 due to inadequate input sanitization and output escaping of user-supplied attributes. As a result, authenticated attackers with contributor-level access or higher can exploit this vulnerability to inject arbitrary web scripts into pages. These scripts will execute when users access the affected pages, potentially compromising sensitive data and jeopardizing site integrity. It is crucial for users of this plugin to update to the latest version immediately to mitigate the risk.

Affected Version(s)

One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Profits with Sales Funnel Builder * <= 3.4.9

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/woo-one-click-...

https://wordpress.org/plugins/woo-one-click-upsell-funnel...

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 21, 2024
Vulnerability Reserved
Nov 27, 2024

Credit

Peter Thaleikis