CVE-2021-32789

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
GitHub_MCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
automatticwoocommerce_blocks
2.5.0 ≤
𝑥
< 2.5.16
automatticwoocommerce_blocks
2.6.0 ≤
𝑥
< 2.6.2
automatticwoocommerce_blocks
2.7.0 ≤
𝑥
< 2.7.2
automatticwoocommerce_blocks
2.8.0 ≤
𝑥
< 2.8.1
automatticwoocommerce_blocks
2.9.0 ≤
𝑥
< 2.9.1
automatticwoocommerce_blocks
3.0.0 ≤
𝑥
< 3.0.1
automatticwoocommerce_blocks
3.1.0 ≤
𝑥
< 3.1.1
automatticwoocommerce_blocks
3.2.0 ≤
𝑥
< 3.2.1
automatticwoocommerce_blocks
3.3.0 ≤
𝑥
< 3.3.1
automatticwoocommerce_blocks
3.4.0 ≤
𝑥
< 3.4.1
automatticwoocommerce_blocks
3.5.0 ≤
𝑥
< 3.5.1
automatticwoocommerce_blocks
3.6.0 ≤
𝑥
< 3.6.1
automatticwoocommerce_blocks
3.7.0 ≤
𝑥
< 3.7.2
automatticwoocommerce_blocks
3.8.0 ≤
𝑥
< 3.8.1
automatticwoocommerce_blocks
3.9.0 ≤
𝑥
< 3.9.1
automatticwoocommerce_blocks
4.0.0 ≤
𝑥
< 4.0.1
automatticwoocommerce_blocks
4.1.0 ≤
𝑥
< 4.1.1
automatticwoocommerce_blocks
4.2.0 ≤
𝑥
< 4.2.1
automatticwoocommerce_blocks
4.3.0 ≤
𝑥
< 4.3.1
automatticwoocommerce_blocks
4.4.0 ≤
𝑥
< 4.4.3
automatticwoocommerce_blocks
4.5.0 ≤
𝑥
< 4.5.3
automatticwoocommerce_blocks
4.6.0 ≤
𝑥
< 4.6.1
automatticwoocommerce_blocks
4.7.0 ≤
𝑥
< 4.7.1
automatticwoocommerce_blocks
4.8.0 ≤
𝑥
< 4.8.1
automatticwoocommerce_blocks
4.9.0 ≤
𝑥
< 4.9.2
automatticwoocommerce_blocks
5.0.0 ≤
𝑥
< 5.0.1
automatticwoocommerce_blocks
5.1.0 ≤
𝑥
< 5.1.1
automatticwoocommerce_blocks
5.2.0 ≤
𝑥
< 5.2.1
automatticwoocommerce_blocks
5.3.0 ≤
𝑥
< 5.3.2
automatticwoocommerce_blocks
5.4.0 ≤
𝑥
< 5.4.1
automatticwoocommerce_blocks
5.5.0 ≤
𝑥
< 5.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/woocommerce/woocommerce-gutenberg-products-block-ghsa-6hq4-w6wv-8wrp/pull/1
https://github.com/woocommerce/woocommerce-gutenberg-products-block/security/advisories/GHSA-6hq4-w6wv-8wrp
https://hackerone.com/reports/1260787
https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/
https://wooengineering.wordpress.com/2021/07/14/incident-report-sql-injection-via-store-api/
https://github.com/woocommerce/woocommerce-gutenberg-products-block-ghsa-6hq4-w6wv-8wrp/pull/1
https://github.com/woocommerce/woocommerce-gutenberg-products-block/security/advisories/GHSA-6hq4-w6wv-8wrp
https://hackerone.com/reports/1260787
https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/
https://wooengineering.wordpress.com/2021/07/14/incident-report-sql-injection-via-store-api/