VYPR
Unrated severity · NVD Advisory · Published Sep 9, 2022 · Updated Apr 28, 2026

WordPress Advanced Order Export For WooCommerce plugin <= 3.3.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

CVE-2022-35275

Description

Authenticated (shop manager+) Reflected XSS vulnerability in the Advanced Order Export For WooCommerce plugin <= 3.3.1 allows an attacker to inject arbitrary JavaScript.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The Advanced Order Export For WooCommerce plugin for WordPress, developed by AlgolPlus, is vulnerable to Reflected Cross-Site Scripting (XSS) in versions up to and including 3.3.1. The flaw occurs when an authenticated user with at least shop manager privileges interacts with a crafted URL that injects malicious JavaScript. The plugin fails to properly sanitize input before reflection. [2]

Exploitation

To exploit the flaw, an attacker must be authenticated as a shop manager or a higher role on a WordPress site running the affected plugin. The attacker crafts a URL containing a malicious script parameter and tricks another user (e.g., an admin) into clicking it. The script executes in the victim's browser session, leveraging the context of the WordPress admin area. [2]

Impact

Successful exploitation allows the attacker to execute arbitrary JavaScript in the victim's browser. This could lead to session cookie theft, admin actions performed without consent, or defacement of the WordPress dashboard. The impact is confined to the victim's browser session but can escalate to full site compromise if an admin is targeted. [2]

Mitigation

The vulnerability is fixed in version 3.3.2 or later. Users are strongly advised to update the Advanced Order Export For WooCommerce plugin to the latest version (4.0.7 as of this writing) [1]. No other workarounds have been disclosed. [2]

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

References

2
