CVE-2024-13744
📋 TL;DR
Booster for WooCommerce versions 4.0.1 through 7.2.4 contain an arbitrary file upload vulnerability: the Product Input Fields feature (class-wcj-product-input-fields-core.php, the file touched by the fix changeset) accepts uploaded files without validating their type. An unauthenticated attacker can upload a file of their choosing, such as a PHP webshell, to the site's server, which can lead to remote code execution. Every WordPress site running an affected version of the plugin is exposed.
💻 Affected Systems
- Booster for WooCommerce WordPress plugin
📦 What is this software?
Booster for WooCommerce (WordPress.org slug woocommerce-jetpack, which is why the wp-cli commands below use that name) is a modular plugin that bundles a large set of WooCommerce store add-ons. Its Product Input Fields module lets shop owners add extra fields, including file uploads, to product pages for customers to fill in before adding an item to the cart; that upload handling is where this vulnerability sits.
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete server compromise, data theft, malware deployment, or ransomware installation.
Likely Case
Webshell upload allowing persistent backdoor access, data exfiltration, or site defacement.
If Mitigated
Limited impact if PHP execution is blocked in the upload location by a web server rule, or if a WAF drops file uploads to the affected form handler. Blocking execution does not stop the upload itself: the attacker can still park files on the server, and the rule only helps if the plugin writes the file somewhere the rule covers.
🎯 Exploit Status
Exploitation requires no authentication and minimal technical skill. Public exploit code exists in security advisories.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 7.2.5
Vendor Fix Changeset (plugin SVN, Product Input Fields handler): https://plugins.trac.wordpress.org/changeset/3262569/woocommerce-jetpack/trunk/includes/input-fields/class-wcj-product-input-fields-core.php
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Booster for WooCommerce' and click 'Update Now'.
4. Verify the version shown is 7.2.5 or higher.
🔧 Temporary Workarounds
Disable plugin
(all platforms) Temporarily disable the vulnerable plugin until patching is possible; every Booster feature the store relies on is unavailable while it is off. Run from the WordPress root, or add --path=/path/to/wordpress to the command:
wp plugin deactivate woocommerce-jetpack
Restrict upload directory execution
(Linux, Apache with AllowOverride enabled for the document root) Prevent PHP execution in the WordPress uploads directory. This stops uploaded files from running; it does not stop the upload, it overwrites any existing .htaccess in that directory, and it does nothing on nginx, which needs an equivalent location rule. The directive below is Apache 2.4 syntax; on Apache 2.2 use 'deny from all' instead of 'Require all denied'.
cat > /path/to/wp-content/uploads/.htaccess <<'EOF'
# Deny direct requests for PHP-like files, including double extensions such as shell.php.jpg
<FilesMatch "\.(php|phtml|phar|php[0-9])(\.|$)">
  Require all denied
</FilesMatch>
EOF
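Writing the rule is only half of the workaround; the other half is proving the server actually refuses to run PHP under uploads. The script below is an added example, not part of the advisory or of the plugin: it prints the nginx equivalent of the Apache rule above, drops a harmless marker file into wp-content/uploads, fetches it over HTTP and classifies the response. The marker file name, the WCJ_EXEC_PROBE_RAN string, the function names and the assumption that WordPress is served at the web root are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the advisory): confirm that PHP cannot execute under
# wp-content/uploads, and emit the nginx equivalent of the .htaccess rule.
# Paths, the marker file name and the probe strings are this example's own choices.

# nginx_deny_rule -> prints a location rule to drop into the server{} block
# (assumes WordPress is served at the web root; adjust the prefix otherwise).
nginx_deny_rule() {
  cat <<'EOF'
# Deny PHP-like files anywhere under uploads, including double extensions (shell.php.jpg)
location ~* ^/wp-content/uploads/.*\.(php|phtml|phar|php[0-9])(\.|$) {
    deny all;
}
EOF
}

# classify_probe STATUS BODY -> one word describing how the server treated the marker file
#   blocked   : 403/404, the hardening is in place (exit 0)
#   disclosed : raw PHP source was served as text; no execution, but still worth fixing (exit 1)
#   executed  : PHP ran, the hardening is NOT effective (exit 1)
classify_probe() {
  status="$1"; body="$2"
  case "$status" in
    403|404) printf '%s\n' blocked; return 0 ;;
  esac
  case "$body" in
    *'<?php'*)            printf '%s\n' disclosed; return 1 ;;
    *WCJ_EXEC_PROBE_RAN*) printf '%s\n' executed;  return 1 ;;
    *)                    printf '%s\n' "unexpected:$status"; return 1 ;;
  esac
}

# probe_uploads WP_ROOT SITE_URL -> writes a marker PHP file into uploads, requests it once,
# removes it, and classifies the response. Needs write access to the uploads tree and curl.
probe_uploads() {
  root="$1"; url="$2"
  name="wcj-exec-probe-$$.php"
  marker="$root/wp-content/uploads/$name"
  printf '%s\n' '<?php echo "WCJ_EXEC_PROBE_RAN";' > "$marker"
  # one request; curl appends the status code on its own line after the body
  out="$(curl -s -w '\n%{http_code}' "$url/wp-content/uploads/$name")"
  rm -f "$marker"
  status="$(printf '%s\n' "$out" | tail -n 1)"
  body="$(printf '%s\n' "$out" | sed '$d')"
  classify_probe "$status" "$body"
}

if [ $# -ge 2 ]; then probe_uploads "$1" "$2"; fi
```

Run it as `sh probe.sh /var/www/html https://shop.example` after applying either the .htaccess rule or the printed nginx rule; anything other than `blocked` means the workaround is not in effect for this site. A `disclosed` result usually means the rule is missing and PHP is simply not handled for that path, which still leaks any source that gets uploaded.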
🧯 If You Can't Patch
- Implement WAF rules that block multipart/form-data POSTs carrying PHP-like filenames (.php, .phtml, .phar, and double extensions such as .php.jpg) to the plugin's product input field form handlers, rather than blocking all uploads, which would break legitimate customer uploads through the same feature.
- Disable the plugin entirely and use alternative WooCommerce extensions.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins for 'Booster for WooCommerce' with a version from 4.0.1 through 7.2.4 inclusive.
Check Version:
wp plugin get woocommerce-jetpack --field=version
Verify Fix Applied:
Verify the plugin version is 7.2.5 or higher in the WordPress admin panel (or via the wp-cli command above).
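The fix instructions (step 4) and the checks above both come down to one comparison: is the installed version inside 4.0.1..7.2.4? Eyeballing that across a fleet of sites is error-prone (7.10 sorts before 7.9 as a string), so the following added example, which is not part of the advisory, does it in plain POSIX sh with a numeric version compare and wp-cli's `wp plugin get`. The affected range and fix version come from the advisory; the function names and the use of `--path` are this example's own choices.

```shell
#!/bin/sh
# Added example, not part of the advisory: decide whether an installed Booster for
# WooCommerce version falls inside the affected range 4.0.1..7.2.4 (fixed in 7.2.5).
# The range comes from the advisory; function names and the wp-cli invocation are
# this example's own choices.

# vercmp A B -> prints -1, 0 or 1 for dotted numeric versions
# (7.2.4 < 7.2.5, 7.10 > 7.9, 7.2 == 7.2.0, "7.2.5-beta" compares as 7.2.5)
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai="${a%%.*}"; bi="${b%%.*}"
    if [ "$a" = "$ai" ]; then a=""; else a="${a#*.}"; fi
    if [ "$b" = "$bi" ]; then b=""; else b="${b#*.}"; fi
    ai="${ai%%[!0-9]*}"; bi="${bi%%[!0-9]*}"   # drop non-numeric suffixes
    ai="${ai:-0}"; bi="${bi:-0}"               # missing component counts as 0
    if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return 0; fi
    if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1;  return 0; fi
  done
  printf '%s\n' 0
}

# wcj_is_vulnerable VERSION -> exit 0 when 4.0.1 <= VERSION <= 7.2.4
wcj_is_vulnerable() {
  [ "$(vercmp "$1" 4.0.1)" -ge 0 ] && [ "$(vercmp "$1" 7.2.4)" -le 0 ]
}

# check_site WP_PATH -> reads the installed version with wp-cli and reports.
# Exit 0 = patched, 1 = vulnerable, 2 = plugin not installed / wp-cli unavailable.
check_site() {
  ver="$(wp --path="$1" plugin get woocommerce-jetpack --field=version 2>/dev/null)" || {
    printf '%s\n' "woocommerce-jetpack not installed at $1 (or wp-cli unavailable)"; return 2; }
  if wcj_is_vulnerable "$ver"; then
    printf '%s\n' "VULNERABLE: woocommerce-jetpack $ver is in 4.0.1..7.2.4; update to 7.2.5 or later"
    return 1
  fi
  printf '%s\n' "ok: woocommerce-jetpack $ver"
}

if [ $# -ge 1 ]; then check_site "$1"; fi
```

Usage: `sh check-wcj.sh /var/www/html`; the exit code makes it easy to loop over many installs and collect the vulnerable ones. Where the result is 1, `wp --path=/var/www/html plugin update woocommerce-jetpack` applies the same update as the admin-panel steps.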
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads to /wp-content/uploads/ directory
- multipart/form-data POST requests to /wp-admin/admin-ajax.php or to plugin (wcj) form handlers carrying file upload parameters
- Files with double extensions like .php.jpg in uploads
Network Indicators:
- HTTP POST requests with file uploads to WooCommerce-related endpoints from unauthenticated sources
SIEM Query:
source="web_logs" AND (uri_path="/wp-admin/admin-ajax.php" OR uri_path CONTAINS "wcj") AND method="POST" AND (user_agent CONTAINS "curl" OR user_agent CONTAINS "wget" OR user_agent="-")
The User-Agent clause cuts noise but is trivially evaded by sending a browser User-Agent; treat a multipart POST to these paths from a client with no prior page view or session, followed by a request for a new file under /wp-content/uploads/, as the stronger signal.
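Not every site ships access logs to a SIEM. The script below is an added example, not part of the advisory, that applies the same log and file indicators with awk and find so they can be run directly on the web host: it flags POSTs to admin-ajax.php or to paths containing "wcj" from non-browser User-Agents (the advisory's curl/wget/"-" list, extended with python and Go-http as an assumption), and it lists files under an uploads tree with a PHP-like extension anywhere in the name. The sample log lines are constructed for this example and are not real traffic; the request path containing wcj is illustrative, not the plugin's actual endpoint.

```shell
#!/bin/sh
# Added example (not from the advisory): run the page's log and file indicators over
# combined-format access-log lines and an uploads tree. Sample data is constructed.

# suspicious_upload_requests LOGFILE -> prints combined-format lines that are POSTs to
# admin-ajax.php or to a path containing "wcj", sent with an empty or non-browser User-Agent.
suspicious_upload_requests() {
  awk '
    $6 == "\"POST" && ($7 ~ /\/wp-admin\/admin-ajax\.php/ || $7 ~ /wcj/) {
      # User-Agent is the last quoted field in combined log format
      n = split($0, q, "\"")
      ua = q[n-1]
      if (ua == "-" || ua ~ /^(curl|wget|python|Go-http)/) print
    }' "$1"
}

# suspicious_upload_files DIR -> lists files under DIR whose name carries a PHP-like
# extension anywhere (shell.php, shell.phtml, shell.php.jpg), the artefacts a webshell
# upload leaves behind. Add -mmin -60 to the find expression to scope it to recent files.
suspicious_upload_files() {
  find "$1" -type f \( -iname '*.php' -o -iname '*.phtml' -o -iname '*.phar' \
       -o -iname '*.php.*' -o -iname '*.php[0-9]' \) 2>/dev/null
}

# sample_log -> constructed access-log lines (not real traffic) to exercise the filter:
# lines 1 and 2 should be flagged, line 3 is a browser POST, line 4 is a GET.
sample_log() {
  cat <<'EOF'
203.0.113.10 - - [10/Jan/2025:12:00:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 512 "-" "curl/8.4.0"
203.0.113.10 - - [10/Jan/2025:12:00:02 +0000] "POST /cart/?wcj_upload=1 HTTP/1.1" 302 0 "-" "-"
198.51.100.7 - - [10/Jan/2025:12:00:03 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 88 "https://shop.example/" "Mozilla/5.0 (X11; Linux x86_64) Firefox/120.0"
198.51.100.7 - - [10/Jan/2025:12:00:04 +0000] "GET /wp-content/uploads/2025/01/shell.php.jpg HTTP/1.1" 200 1024 "-" "curl/8.4.0"
EOF
}

# Usage on a real host:
#   suspicious_upload_requests /var/log/apache2/access.log
#   suspicious_upload_files /var/www/html/wp-content/uploads
if [ $# -ge 1 ]; then suspicious_upload_requests "$1"; fi
if [ $# -ge 2 ]; then suspicious_upload_files "$2"; fi
```

A hit from the first function followed within seconds by a GET for a new file under /wp-content/uploads/ from the same client is the sequence the advisory describes; a hit from the second function on a host where the upload directory has no business holding PHP is worth treating as an incident regardless of what the logs show.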