Scroll Top

WP Security: 11 plugin vulnerabilities in April 2018

By Csaba, Miklós WP Security WP SERVICES 14 May 2018

WP SECURITY: 11 PLUGIN VULNERABILITIES IN APRIL 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins:

  1. WP Security Audit Log Plugin
    • Sensitive Information Disclosure reported by Colette Chamberland (https://www.defiant.com; @cjchamberland). No protection on the wp-content/uploads/wp-security-audit-log/*; which is indexed by google and allows for attackers to possibly find user information (bad login attempts). Google Dork: inurl:/wp-content/uploads/wp-security-audit-log/
      • immediately upgrade to version 3.1.2 to fix the vulnerability
  2. WordPress File Upload
    • Security Issue in Shortcodes reported by Ryan (https://dewhurstsecurity.com/; @ethicalhack3r). The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes.
    • Cross-Site Scripting (XSS) reported by Ryan (https://dewhurstsecurity.com/; @ethicalhack3r). The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.
      • immediately upgrade to version 4.3.4 to fix both vulnerabilities

    3. Our only security is our ability to change. ~ John Lilly

    WP Security
  3. My Calendar
    • Authenticated Cross-Site Scripting (XSS) reported by Ryan (@ethicalhack3r; https://dewhurstsecurity.com/. An authenticated user, who can add new events, can inject arbitrary javascript code via event_time_label input. The arbitrary code runs both on the event page and in the admin panel. In my-calendar-event-manager.php, line 1873, the variable $eventTime is not sanitized.
      • immediately upgrade to version 2.5.17 to fix the vulnerability
  4. WP Background Takeover
    • Directory Traversal reported by Colette Chamberland (@cjchamberland; https://defiant.com). Allows for an attacker to browse files via the download.php file. https://target[.]com/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php
      • immediately upgrade to version 4.1.5 to fix the vulnerability
  5. Relevanssi
    • Cross-Site Scripting (XSS) reported by Ryan (@ethicalhack3r; https://dewhurstsecurity.com). Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter.
      • immediately upgrade to version 4.0.5 to fix the vulnerability

    6. At the end of the day, the goals are simple: safety and security. ~ Jodi Rell

    WP Security
  6. Contact Form 7 to Database Extension
    • CSV Injection reported by Ryan (@ethicalhack3r; https://dewhurstsecurity.com). CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form.
      • immediately upgrade to version 2.10.36 to fix the vulnerability
      • This plugin has been closed and is no longer available for download. https://wordpress.org/plugins/contact-form-7-to-database-extension/
  7. WP Live Chat Support
    • Unauthenticated Stored XSS reported by Luigi https://www.gubello.me/blog/. An unauthenticated user can inject arbitrary javascript code in the admin panel by using the text field “Name” of WP Live Chat Support. The arbitrary code runs on the page wplivechat-menu-history. In the file wp-live-chat-support.php there is no sanitization of $result->id (row 4439). WP Live Chat Support 8.0.05 is vulnerable, probably earlier versions too.
      • immediately upgrade to version 8.0.06 to fix the vulnerability
  8. WP Image Zoom
    • Cross-Site Request Forgery (CSRF) reported by Ryan (@ethicalhack3r; https://dewhurstsecurity.com). The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
      • immediately upgrade to version 1.24 to fix the vulnerability

    9. Get Healthy, Stay Healthy: A healthier online business starts today and it begins with you!

    WP Security
  9. Responsive Cookie Consent
    • Authenticated Stored Cross-Site Scripting (XSS) reported by B0UG. A persistent cross-site scripting vulnerability has been found in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in the victim's browser when they visit the website.
      • immediately upgrade to version 1.8 to fix the vulnerability
  10. UK Cookie Consent
    • Authenticated Stored Cross-Site Scripting (XSS) reported by B0UG. A persistent cross-site scripting vulnerability has been identified in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in a victim's web browser.
      • immediately upgrade to version 2.3.10 to fix the vulnerability
  11. Caldera Forms
    • Multiple Cross-Site Scripting (XSS) reported by Ryan (@ethicalhack3r; https://dewhurstsecurity.com). Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.
      • immediately upgrade to version 1.6.0 to fix the vulnerability

Protect your WordPress: BEFORE IT'S TOO LATE! You will also protect your customers, your reputation and your online business!

WP Security

Related Posts

WP SECURITY
WP Vulnerability JUN 2022 Centralised Abuse Highlights
16 Jun 2022
WP SECURITY
WP Security: plugin vulnerabilities September

For your WP Security, be informed about the latest vulnerabilities in WP plugins: Participants Database Cross site scripting (XSS) reported by Benjamin Lim (https://limbenjamin.com). Exploit allows attackers to inject arbitrary Javascript via the Name parameter. immediately update to version 1.7.5.9 to fix vulnerability Display Widgets Backdoored reported by Jonas Lejon…

01 Oct 2017
WP SECURITY
WP Security: 12 plugin vulnerabilities in NOV 2018

WP Security bulletin – NOVEMBER 2018 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 12 vulnerabilities in WordPress plugins identified and reported publicly. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins – your risking serious WordPress…

07 Jan 2019
WP SECURITY
WP SECURITY FEBRUARY 2021 centralised abuse highlights
15 Mar 2021
WP SECURITY
WP SECURITY JANUARY 2021 centralised abuse highlights
26 Feb 2021
WP SECURITY
WP SECURITY MARCH 2021 centralised abuse highlights
30 Apr 2021
CLOUD ROI
Still waiting for your CLOUD ROI? You, me and everybody else!
14 Oct 2022
THEMES VULNERABILITY 2022
WP Theme CVE DEC 2023: 24 Premium Hack risk
04 Dec 2023
WORDPRESS SECURITY
Gamification WILL BOOST your Company’s Culture about WP Security

Gamification WILL BOOST your Company’s Culture about WordPress Security There are always open holes in specific company’s WordPress Security, consisting of but not restricted to: Unpatched systems, reused passwords and misconfigurations. IT professionals and owners always want to fortify their organization’s defences, however regrettably, the rest of the business might…

04 Oct 2019
WORDPRESS LOGO
WordPress 4.9.2 Security and Maintenance Release

WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files…

22 Jan 2018
WP SECURITY
WordPress Core Vulnerability February 2018

For your WordPress protection, be informed about the latest WordPress Core vulnerability IS STILL UNPATCHED since it’s first official report January 29, 2018 or it’s official disclosure date: Monday, February 5, 2018. All versions of WordPress starting with the latest 4.9.4 and below have the Application Denial of Service (DoS)…

01 Mar 2018
WORDPRESS PROTECTION
TOP 3 always ignored WordPress protection

TOP 3 always ignored WordPress protection Everybody wants what is best for them, there are no exceptions. When we’re doing on-demand cleaning services, like malware CLEANUP or undo DISASTERS (infection/hack removal); we often hired to do also a Security AUDIT to find out how this happened and do the necessary…

12 Mar 2019
UNDERWATER FIRE
Why is your WordPress Security always under fire?

Why is your WordPress Security always under fire? WordPress IS THE SAFEST and most popular content management system (CMS). There is no doubt about this. However, the truth is, all sites are targets for hackers so nobody is immune. Even a fresh install of WordPress with nothing on it, without…

01 Mar 2019
VULNERABILITY
WordPress Plugin Vulnerabilities OCT 2022
13 Oct 2022
SECURITY
Is WordPress Secure?

With so many bad news of vulnerabilities and hackers attempting to compromise WordPress sites regularly, you start wondering if WordPress is really secure at all. You can stop wondering because WordPress is secure! The popularity numbers create this negative effect. Today, WordPress powers 27% of all sites on the web…

17 Jul 2017
owlpower.eu
Top Searches:
infected hacked migrate perfect pagespeed managed monitoring