CVE-2023-0080

8.8 HIGH

📋 TL;DR

The Customer Reviews for WooCommerce WordPress plugin before version 5.16.0 contains a directory traversal vulnerability in a shortcode attribute. This allows authenticated users with contributor role or higher to read arbitrary files and potentially achieve remote code execution by uploading malicious images containing PHP code. The vulnerability affects WordPress sites using the vulnerable plugin version.

💻 Affected Systems

Products:
  • Customer Reviews for WooCommerce WordPress plugin
Versions: All versions before 5.16.0
Operating Systems: All operating systems running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress with the vulnerable plugin installed. Contributors, authors, editors, and administrators can exploit this vulnerability.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete site compromise, data theft, and potential server takeover if malicious PHP files can be uploaded and included.

🟠 Likely Case

Unauthorized file disclosure including sensitive configuration files, database credentials, and other non-PHP files accessible to the web server.

🟢 If Mitigated

Limited impact if proper file upload restrictions and user role permissions are enforced, preventing malicious file uploads.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires contributor-level access or higher. The attack chain involves directory traversal via a shortcode attribute and, potentially, a file upload to reach RCE.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.16.0

Vendor Advisory: https://wpscan.com/vulnerability/6b0d63ed-e244-4f20-8f10-a6e0c7ccadd4

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Customer Reviews for WooCommerce'.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 5.16.0+ from the WordPress repository and update manually.

🔧 Temporary Workarounds

Restrict File Upload Capabilities (platform: all)

Limit file upload permissions to prevent malicious image uploads containing PHP code.

Use WordPress role management plugins to remove the upload_files capability from the contributor and author roles.

Disable Plugin (platform: linux)

Temporarily disable the vulnerable plugin until patched.

wp plugin deactivate customer-reviews-woocommerce

🧯 If You Can't Patch

  • Implement strict file upload validation to block PHP code in image files
  • Apply principle of least privilege by removing contributor and author roles or restricting their capabilities

🔍 How to Verify

Check if Vulnerable:

Check plugin version in WordPress admin under Plugins → Installed Plugins. If version is below 5.16.0, the site is vulnerable.

Check Version:

wp plugin get customer-reviews-woocommerce --field=version

Verify Fix Applied:

Confirm plugin version is 5.16.0 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns via shortcode parameters
  • Multiple failed attempts to access sensitive files like wp-config.php
  • Suspicious file uploads by contributor/author users

Network Indicators:

  • HTTP requests containing directory traversal sequences in shortcode attributes
  • Unusual file downloads from plugin directories

SIEM Query:

source="wordpress.log" AND ("..\/" OR "..\\" OR "%2e%2e%2f") AND "customer-reviews-woocommerce"
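The SIEM logic above (a traversal sequence together with the plugin slug) and the version check from the verification section, applied to constructed access-log lines as an added example that is not part of the advisory. It goes slightly beyond the query by also matching upper-case and double-URL-encoded traversal sequences; the log lines and the `f=` parameter in them are constructed placeholders, not real plugin endpoints.

```python
"""Added example, not part of the advisory: apply the SIEM logic
(traversal sequence AND plugin slug) to access-log lines, and check an
installed version against the fixed release 5.16.0. All log lines and the
parameter names in them are constructed, not real plugin endpoints."""
import re
from urllib.parse import unquote

PLUGIN_SLUG = "customer-reviews-woocommerce"
FIXED_VERSION = (5, 16, 0)

# Raw "../" or "..\" and URL-encoded %2e%2e%2f / %2e%2e%5c; IGNORECASE also
# catches upper-case encodings such as %2E%2E%2F, which the plain query misses.
TRAVERSAL_RE = re.compile(r"\.\.(/|\\)|%2e%2e(%2f|%5c)", re.IGNORECASE)

def parse_version(text):
    """'5.15.2' -> (5, 15, 2) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.strip().split("."))

def is_vulnerable_version(text):
    """True when the installed plugin version is below the fixed 5.16.0."""
    return parse_version(text) < FIXED_VERSION

def is_suspicious(line):
    """True when the line references the plugin and carries a traversal
    sequence, either as written or after one round of URL-decoding (which
    surfaces double-encoded forms such as %252e%252e%252f)."""
    if PLUGIN_SLUG not in line:
        return False
    return bool(TRAVERSAL_RE.search(line) or TRAVERSAL_RE.search(unquote(line)))

def scan_log(lines):
    """Return the lines that should be raised as alerts."""
    return [line for line in lines if is_suspicious(line)]

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 "GET /wp-content/plugins/customer-reviews-woocommerce/css/style.css" 200',
    '10.0.0.9 "GET /wp-content/plugins/customer-reviews-woocommerce/?f=../../wp-config.php" 200',
    '10.0.0.9 "GET /wp-content/plugins/customer-reviews-woocommerce/?f=%2E%2E%2F%2E%2E%2Fwp-config.php" 200',
    '10.0.0.9 "GET /wp-content/plugins/customer-reviews-woocommerce/?f=%252e%252e%252fwp-config.php" 200',
    '10.0.0.7 "GET /index.php?page=../../etc/passwd" 404',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print("ALERT:", hit)
    print("5.15.2 vulnerable:", is_vulnerable_version("5.15.2"))
```

The last sample line is deliberately not flagged: it carries a traversal sequence but no plugin reference, which is the scope the advisory's query sets.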
