A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce.
Up to 4 million online merchants who use the popular WooCommerce WordPress plugin are vulnerable to a file deletion vulnerability that could allow a rogue “shop manager” to escalate privileges and eventually execute remote code on impacted websites.
Researchers at RIPS Technologies trace the bug to an unpatched design flaw in the privilege system of WordPress which can lead to an attack. While the flaw impacts many plugins on WordPress, one of the bigger impacted plugins is WooCommerce, an open source e-commerce plugin designed for small to large-sized online merchants using WordPress. WooCommerce powers 30 percent of all online stores — more than any other platform, according to WordPress.
“The vulnerability allows shop managers to delete certain files on the server and then to take over any administrator account,” Simon Scannell, security researcher with RIPS Technologies, said in a Tuesday post.