Nine WordPress Plugins Expose Over 1.3 Million Sites To Exploits


The United States Government Vulnerability Database and WordPress security researchers published alerts of WordPress plugin vulnerabilities. Among those plugins, nine of the most popular plugins affect over 1.3 million websites.

Vulnerabilities in Nine WordPress Plugins

While there were many more plugins found vulnerable, the nine most popular plugins affected well over 1.3 million websites. The vulnerabilities were rated

The following are on the list of nine vulnerable plugins:

  1. Header Footer Code Manager 300,000+ installations
  2. Ad Inserter – Ad Manager & AdSense Ads 200,000+ installations
  3. Popup Builder WordPress plugin 200,000+ installations
  4. Anti-Malware Security and Brute-Force Firewall 200,000+ installations
  5. WP Content Copy Protection & No Right Click 100,000+ installations
  6. Database Backup for WordPress 100,000+ installations
  7. GiveWP – Donation Plugin and Fundraising Platform 100,000+ installations
  8. Download Manager 100,000+ installations
  9. Advanced Database Cleaner WordPress plugin 80,000+ installations

Header Footer Code Manager WordPress Plugin

The Header Footer Code Manager WordPress Plugin was discovered by Wordfence security researchers to have a Reflected Cross-Site Scripting vulnerability.

The vulnerability requires the hacker to trick an administrator into clicking a link or other action in order to make it vulnerable to a full site take over.

The researchers noted that because this plugin affects a sensitive area of WordPress sites in that it’s for adding code to websites, the variety of malicious actions could extend to adding backdoors and attacking site visitors.

Publishers are recommended by Wordfence to update their installations to at least version 1.1.17.

Ad Inserter – Ad Manager & AdSense Ads (Free and Pro Versions)

The Ad Inserter – Ad Manager & AdSense Ads was reported by WPScan to also have a vulnerability that can lead to a Reflected Cross-Site Scripting exploit.

Publishers are advised to update to at least version 2.7.10.

This plugin contains a vulnerability that could lead to SQL injection exploit.

According to the National Vulnerability Database:

“The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection”

Publishers are recommended to update to at least version 4.0.7 of the WordPress plugin.

Anti-Malware Security and Brute-Force Firewall

This WordPress plugin also contains a Reflected Cross-Site scripting vulnerability. An attacker must have admin level credentials in order to carry out the attack.

Publishers are advised to update to at least version 4.20.94.

WP Content Copy Protection & No Right Click

This WordPress plugin was discovered by security researchers at Patchstack who reported the plugin to have a Cross Site Request Forgery (CSRF) vulnerability.

Publishers are advised to update to at least version 3.4.5.

Database Backup for WordPress

Security researchers at WPScan reported a SQL Injection vulnerability affecting the Database Backup for WordPress plugin that handles the most sensitive part of any WordPress installation, the database.

WPScan notes:

“The plugin does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue”

Publishers are advised by the National Vulnerability Database to update the Database Backup for WordPress plugin to at least version 2.5.1.

GiveWP – Donation Plugin and Fundraising Platform

The GiveWP Donation Plugin was found to contain a Reflected Cross-Site Scripting vulnerability. Publishers are advised to update to at least version 2.17.3 of the plugin.

Download Manager WordPress Plugin

This plugin contains a SQL Injection exploit that could lead to a Reflected Cross-Site Scripting attack. Publishers are advised to update to at least version 3.2.34.

Advanced Database Cleaner WordPress Plugin

This plugin was discovered by security researchers to contain an issue that could lead to a Reflected Cross-Site Scripting attack. Publishers are advised to update to at least version 3.0.4 of the plugin.

Multiple WordPress Plugins Vulnerable

There were many plugins reported to have vulnerabilities. But these nine are the most popular plugins.

All of the plugins have received a patch that closes the vulnerability but it’s up to publishers to make sure that they are using the latest versions in order to keep their websites and site visitors safe.

Citations

Header Footer Code Manager
https://www.wordfence.com/blog/2022/02/reflected-xss-in-header-footer-code-manager/

Ad Inserter – Ad Manager & AdSense Ads
https://nvd.nist.gov/vuln/detail/CVE-2022-0288

Popup Builder WordPress Plugin
https://nvd.nist.gov/vuln/detail/CVE-2022-0228

Anti-Malware Security and Brute-Force Firewall
https://nvd.nist.gov/vuln/detail/CVE-2021-25101
https://wpscan.com/vulnerability/5fd0380c-0d1d-4380-96f0-a07be5a61eba

WP Content Copy Protection & No Right Click
https://nvd.nist.gov/vuln/detail/CVE-2022-23983

Database Backup for WordPress
https://nvd.nist.gov/vuln/detail/CVE-2022-0255

GiveWP – Donation Plugin and Fundraising Platform
https://nvd.nist.gov/vuln/detail/CVE-2021-25100
https://nvd.nist.gov/vuln/detail/CVE-2021-25099

Download Manager
https://nvd.nist.gov/vuln/detail/CVE-2021-25069
https://wpscan.com/vulnerability/4ff5e638-1b89-41df-b65a-f821de8934e8

Advanced Database Cleaner WordPress Plugin
https://nvd.nist.gov/vuln/detail/CVE-2021-24921





Consultar el artículo en la publicación original

Nine WordPress Plugins Expose Over 1.3 Million Sites To Exploits
A %d blogueros les gusta esto: