Binary MLM Woocommerce Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Binary MLM Woocommerce plugin for WordPress, affecting all versions through 2.0. The vulnerability arises from inadequate nonce validation in the 'bmw_display_pv_set_page' function, coupled with insufficient sanitization and escaping of the 'product_points' parameter. This flaw enables unauthenticated attackers to inject arbitrary web scripts by crafting a forged request, provided they can persuade a site administrator to perform a specific action, such as clicking a link.

Impact

Exploitation of this vulnerability could lead to stored Cross-Site Scripting (XSS), where injected scripts are executed in the context of the user.

Reproduction

To reproduce this vulnerability, an attacker must create a forged request that includes the 'product_points' parameter. This request should be sent to a WordPress site with the Binary MLM Woocommerce plugin installed, targeting an administrator. The attacker must trick the administrator into clicking a link that activates the forged request, such as through a phishing email or a compromised website.

Remediation

No known patch is available for this vulnerability. It is recommended to review the vulnerability details and consider uninstalling the affected plugin.