WP Security: 47 plugin vulnerabilities in June 2019

WP Security bulletin – June 2019

At your next scheduled WordPress maintenance, review the latest 47 vulnerabilities in WordPress plugins that were identified and publicly reported in June 2019. Because these vulnerabilities are now disclosed, running one (or more) of these outdated plugins puts your site(s) at risk of a serious WordPress breach.


  • Download Manager
    • Various Sanitisation Issues reported officially.
      • WP Security recommendation: immediately upgrade to version 2.9.97 to fix the vulnerability.

  • Easy Digital Downloads
    • Stored XSS reported officially. Stored XSS (Cross Site Scripting) via the IP addresses in logs.
      • WP Security recommendation: immediately upgrade to version 2.9.16 to fix the vulnerability.

  • Affiliates Manager
    • CSRF Issues reported officially. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
      • WP Security recommendation: immediately upgrade to version 2.6.6 to fix the vulnerability.

  • Related YT Videos
    • CSRF & XSS reported officially.
      • WP Security recommendation: immediately upgrade to version 1.9.9 to fix the vulnerability.

  • Finale WooCommerce Sale Countdown
    • Arbitrary File Upload reported officially. The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environment.
      • WP Security recommendation: immediately upgrade to version 2.9.1 to fix the vulnerability.

  • Breadcrumbs by menu
    • Multiple Issues reported officially. XSS, and CSRF leading to options update.
      • WP Security recommendation: immediately upgrade to version 1.0.3 to fix the vulnerability.

  • WP-Members
    • Cross-Site Request Forgery (CSRF) reported by Akash Labade (s-labsecurity.com). No CSRF protection on Add New Fields; fields can also be edited and deleted the same way.
      • WP Security recommendation: immediately upgrade to version 3.2.8.1 to fix the vulnerability.

  • WebP Express
    • Multiple Issues reported. Arbitrary File Viewing, CSRF, XSS, and Unauthorised Access. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
    • Authenticated Stored XSS reported by Akash Labade. The reported issue has been fixed in 0.14.5. Other sanitisation checks have been implemented in newer versions (such as 0.14.6 and 0.14.8) while the plugin was closed, so the fixed-in version is set to 0.14.8.
      • WP Security recommendation: immediately upgrade to version 0.14.11 to fix the vulnerability.

  • IP Address Blocker
    • CSRF leading to Arbitrary File Upload reported. The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environment.
      • WP Security recommendation: immediately upgrade to version 10.5 to fix the vulnerability.

  • Share This Image
    • Stored XSS reported by Kishan Kumar. Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a data store for later use. The input that is stored is not correctly filtered.
      • WP Security recommendation: immediately upgrade to version 1.20 to fix the vulnerability.

  • Messenger Customer Chat
    • CSRF reported. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
      • WP Security recommendation: immediately upgrade to version 1.3 to fix the vulnerability.

  • Seo by Rank Math
    • XSS Issues reported. The software does not neutralize, or incorrectly neutralizes, user-controllable input before it is placed in output that is used as a web page served to other users.
    • Authenticated Settings Reset reported. Allows any authenticated user (with a role as low as subscriber) to reset the settings of the plugin.
      • WP Security recommendation: immediately upgrade to version 1.0.27 to fix the vulnerability.

  • GA Backend Tracking
    • XSS reported. The software does not neutralize, or incorrectly neutralizes, user-controllable input before it is placed in output that is used as a web page served to other users.
      • WP Security recommendation: immediately upgrade to version 1.2.1 to fix the vulnerability.

  • Easy Pdf Restaurant Menu Upload
    • XSS reported. The software does not neutralize, or incorrectly neutralizes, user-controllable input before it is placed in output that is used as a web page served to other users.
      • WP Security recommendation: immediately upgrade to version 1.2 to fix the vulnerability.

Our only security is our ability to change. ~ John Lilly


  • Facebook for WooCommerce
    • Cross-Site Request Forgery (CSRF) reported. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
      • WP Security recommendation: immediately upgrade to version 1.9.15 to fix the vulnerability.

  • Shortlinks by Pretty Links
    • Stored XSS and CSV Injection reported by Jerome Bruandet (nintechnet.com). In the “app/models/PrliUtils.php” script, the track_link() function retrieves some user input for statistical purposes: HTTP_REFERER, REQUEST_URI, HTTP_USER_AGENT and the user IP. This data is neither validated nor sanitized.
      • WP Security recommendation: immediately upgrade to version 2.1.10 to fix the vulnerability.

  • Dropshix
    • Arbitrary Product Import reported, due to a lack of authorisation and CSRF checks in the AJAX function xoxImportItem().
      • WP Security recommendation: immediately upgrade to version 4.0.14 to fix the vulnerability.

  • Paid Memberships Pro
    • Authenticated Open Redirect reported by Ryan Dewhurst. A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. This simplifies phishing attacks.
      • WP Security recommendation: immediately upgrade to version 2.0.6 to fix the vulnerability.

  • Crelly Slider
    • Arbitrary File Upload reported by NinTechNet. The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environment.
      • WP Security recommendation: immediately upgrade to version 1.3.5 to fix the vulnerability.

  • User Submitted Posts
    • Arbitrary File Upload reported by NinTechNet. The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environment.
      • WP Security recommendation: immediately upgrade to version 20190501 to fix the vulnerability.

  • WP Statistics
    • Authenticated Stored XSS reported by kuqadk3. The WP Statistics plugin through 12.6.5 for WordPress has stored XSS in includes/class-wp-statistics-pages.php. This is related to an account with the Editor role creating a post with a title that contains JavaScript, to attack an admin user.
      • WP Security recommendation: immediately upgrade to version 12.6.6.1 to fix the vulnerability.

  • Hustle
    • CSV Injection Vulnerability reported by Mark Parfeniuk (REDdy Solutions). The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection, as it allows for injecting malicious code into a pop-up window. Successful exploitation grants an attacker the ability to execute malicious code on the administrator’s computer through Excel functions, as the plugin does not sanitize the user’s input and allows insertion of any text.
      • WP Security recommendation: immediately upgrade to version 6.0.8.1 to fix the vulnerability.
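As an added example (not code from any plugin named in this bulletin), the hardened PHP patterns that address the three findings recurring above: an AJAX action with no nonce or capability check (Dropshix, WP-Members), request metadata such as HTTP_REFERER and HTTP_USER_AGENT stored unsanitised (Shortlinks by Pretty Links), and CSV export without formula neutralisation (Hustle, Pretty Links). Functions and action names prefixed with acme_ are hypothetical; the WordPress API calls are real.

```php
<?php
// Added example, not code from any plugin in this bulletin; acme_ names are hypothetical.

// 1. AJAX action: require a valid nonce AND a capability before doing any work.
add_action( 'wp_ajax_acme_import_item', 'acme_import_item' );
function acme_import_item() {
    check_ajax_referer( 'acme_import_item', 'nonce' ); // dies on a missing/invalid nonce
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }
    $item_id = absint( $_POST['item_id'] ?? 0 );
    if ( 0 === $item_id ) {
        wp_send_json_error( 'invalid item id', 400 );
    }
    // ... perform the import for $item_id ...
    wp_send_json_success( array( 'imported' => $item_id ) );
}

// 2. Request metadata recorded for statistics: validate or sanitise each field
//    for its expected type before it is stored, instead of storing it raw.
function acme_sanitised_click_record() {
    $ip = filter_var( $_SERVER['REMOTE_ADDR'] ?? '', FILTER_VALIDATE_IP );
    return array(
        'referer'    => esc_url_raw( wp_unslash( $_SERVER['HTTP_REFERER'] ?? '' ) ),
        'uri'        => sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ?? '' ) ),
        'user_agent' => substr( sanitize_text_field( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ?? '' ) ), 0, 255 ),
        'ip'         => ( false === $ip ) ? '' : $ip,
    );
}

// 3. Stored values are still escaped on output, so a stored string can never
//    become script when the admin statistics page renders it.
function acme_render_record_row( array $record ) {
    return '<tr><td>' . esc_html( $record['ip'] ) . '</td><td>'
         . esc_html( $record['user_agent'] ) . '</td></tr>';
}

// 4. CSV export: neutralise cells a spreadsheet would evaluate as a formula
//    (leading =, +, -, @, tab or CR); fputcsv() then handles the quoting.
function acme_csv_safe_cell( $value ) {
    $value = (string) $value;
    if ( '' !== $value && in_array( $value[0], array( '=', '+', '-', '@', "\t", "\r" ), true ) ) {
        $value = "'" . $value;
    }
    return $value;
}
function acme_write_csv_row( $handle, array $cells ) {
    return fputcsv( $handle, array_map( 'acme_csv_safe_cell', $cells ) );
}
```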

Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!

The following WordPress plugin vulnerabilities are extremely dangerous, since the active installations number in the millions OR the reported vulnerabilities were never patched. The potential risk goes up each day as more and more ill-intentioned people find out about these vulnerabilities.



Publisher: owl power EUROPE