CVE-2024-30458 in WOOCS Plugininfo

Summary

by MITRE • 03/29/2024

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOOCS – WooCommerce Currency Switcher.This issue affects WOOCS – WooCommerce Currency Switcher: from n/a through 1.4.1.7.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 04/10/2025

The CVE-2024-30458 vulnerability represents a critical cross-site request forgery flaw within the realmag777 WOOCS – WooCommerce Currency Switcher plugin, which is widely deployed in e-commerce environments. This vulnerability exists in versions ranging from the initial release through 1.4.1.7, indicating a prolonged period during which the security weakness remained unaddressed. The plugin serves as a currency switching mechanism for WooCommerce stores, allowing customers to view and purchase products in different currencies, making it a core component of many online retail operations. The CSRF vulnerability specifically targets the plugin's administrative functionality, where users with appropriate privileges can be tricked into executing unintended actions without their knowledge or consent.

The technical nature of this vulnerability stems from the absence of proper anti-CSRF token validation within the plugin's administrative endpoints. When administrators interact with the currency switcher settings or perform currency-related operations, the plugin fails to verify the authenticity of requests through the use of time-sensitive tokens or other anti-CSRF mechanisms. Attackers can exploit this weakness by crafting malicious web pages or emails that, when visited or clicked by an authenticated administrator, automatically submit requests to modify currency settings or execute administrative functions within the WooCommerce store. This flaw directly aligns with CWE-352, which defines Cross-Site Request Forgery as a weakness where a web application does not adequately validate the origin of requests, making it susceptible to unauthorized actions performed on behalf of authenticated users.

The operational impact of this vulnerability extends beyond simple currency configuration changes, as it could enable attackers to perform more severe administrative actions within the compromised WooCommerce environment. An attacker who successfully exploits this CSRF vulnerability could potentially modify currency conversion rates, manipulate payment processing configurations, or even disable critical currency switching functionality that could disrupt business operations. The consequences could include financial losses through manipulated pricing, data integrity issues, or the complete compromise of currency-related administrative controls. Given that WooCommerce stores often handle sensitive customer payment information and transaction data, this vulnerability creates a significant risk for both merchants and their customers. The vulnerability also aligns with ATT&CK technique T1566.001, which covers spearphishing attacks through social engineering, as attackers could leverage this weakness to execute attacks through malicious web content that targets authenticated administrators.

Organizations using the affected WOOCS plugin version should immediately implement mitigations to protect their WooCommerce stores from exploitation. The primary recommended approach involves updating to the latest available version of the plugin where the CSRF vulnerability has been patched. Additionally, implementing proper input validation and output encoding practices can help prevent similar issues in other components of the web application. Network-level protections such as web application firewalls and security monitoring systems should be configured to detect anomalous administrative requests that could indicate CSRF attack attempts. Administrators should also enforce strict access controls and implement multi-factor authentication for administrative accounts to reduce the potential impact of successful CSRF exploitation. The vulnerability highlights the importance of maintaining up-to-date security practices in e-commerce environments where plugins and third-party components handle sensitive administrative functions. Organizations should conduct thorough security assessments of their WooCommerce installations to identify other potential CSRF vulnerabilities in related plugins and themes that may be similarly susceptible to exploitation.

Responsible

Patchstack

Reservation

03/27/2024

Disclosure

03/29/2024

Moderation

accepted

CPE

ready

EPSS

0.00241

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!