Events Manager Plugin Vulnerable

A non-trivial CSV injection vulnerability was discovered in a popular WordPress plugin called Events Manager v5.9.7.1 (active on 100,000+ websites). It exposes the machines of users who open exported CSV files to remote attackers who can execute arbitrary commands on them. In this blog post, we will dive deep into what caused the flaw, an example proof of concept showing exploitation in a sandbox environment, and mitigation steps. What is the Events Manager Plugin? According to the official documentation of the plugin, Events Manager is a full-featured event registration plugin for WordPress based on the principles of flexibility, reliability and powerful features! The Events Manager Plugin lets you post event listings on your blog site. Visitors can make bookings for such events through a[…]

CVE-2020-8417: From CSRF to RCE and WordPress-site takeover

A high-severity Cross-Site Request Forgery (CSRF) vulnerability, tracked as CVE-2020-8417, exists in a popular WordPress plugin called Code Snippets, rendering over 200,000 websites vulnerable to site takeover. In this blog post, we will cover what caused the flaw, an example proof of concept showing exploitation in a sandbox environment, and mitigation steps. What is the Code Snippets Vulnerability? The National Vulnerability Database (NVD) describes CVE-2020-8417 as: The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. I will explain this in 3 simple steps: The plugin allowed users to add snippets of PHP code to extend the functionality of a WordPress-powered website, without adding custom snippets to their theme’s functions.php file. Code Snippets offers an import menu for importing code onto[…]

According to the latest Sucuri Hacked Website Report (2018), 90% of scanned WordPress websites were infected with one or more vulnerabilities last year. That’s up 7% from the previous year and shows just how vulnerable WordPress websites can be. (Source) While the WordPress core is built to be as secure as possible, relying on it alone to keep your site safe is not enough. After all, WordPress themes and plugins play a role in vulnerabilities too. That’s why you have to take a proactive approach to site security if you want to prevent cybercriminals from hacking into your website. Today we’re going to share with you the 3 most compelling reasons why you should regularly perform WordPress[…]

4 Compelling Reasons Why WordPress is Secure

As of now, the WordPress content management system (CMS) dominates the web. In fact, WordPress powers 35% of the worldwide web, which is pretty impressive seeing as there are over 1.7 billion websites online right now. The thing is, many people will claim that WordPress is insecure. After all, according to Sucuri, a leading website security and protection platform designed to thwart cybercrime, WordPress is the most infected CMS of all. But does that mean WordPress shouldn’t be trusted? As the leading content management system in the world, it makes sense that cybercriminals would target it. And with so many websites using it, it also makes sense that the most hacks would be associated with WordPress. That’s[…]

WordPress 5.3.1 is a security and maintenance release that has 46 fixes and enhancements. Even better, it fixes several security problems found by the following people: Daniel Bachhuber for finding an issue where an unprivileged user could make a post sticky via the REST API. Simon Scannell of RIPS Technologies for finding and disclosing an issue where cross-site scripting (XSS) could be stored in well-crafted links. WordPress.org Security Team for hardening wp_kses_bad_protocol() to ensure that it is aware of the named colon attribute. Nguyen The Duc for discovering a stored XSS vulnerability using block editor content. Do a free scan at wpsec.com to check if your WordPress installation is safe.

WPSec.com, our WordPress vulnerability security scanner, has been updated with new functionality and reliability changes. Detect WAF – If there is a scanning problem such as a timeout, we will try to detect whether a Web Application Firewall (WAF) is blocking us. If there is, we will notify you via e-mail or on the web. Timeout detection – If there is a timeout we will now notify you. We will skip the current scan, move on to the next one in the schedule, and also run a WAF scan. No plugins found – If we can’t find any plugins we will now notify you. We will also run a WAF scan to see if the problem might be related to[…]

Even if WordPress 5.3 isn’t a security release, there are still some interesting new security-related updates in this version. Trusted CA Bundle Update The root CA bundle has been updated: new CAs were added and some removed. The downside, though, is that some 1024-bit RSA CA certificates are still in the bundle for backward compatibility. The new CA bundle file can be viewed here. A CA bundle is a file that contains root and intermediate certificates. The end-entity certificate together with a CA bundle constitutes the certificate chain, and it is used when WordPress creates outgoing HTTPS connections, such as for automatic updates. Let’s hope that WordPress will use a project like Certainty in the future. Secure oEmbeds The list[…]

WordPress 5.2.4 is now available; it’s a short-cycle security release. The next major release will be version 5.3. This security release fixes six security issues. WordPress versions 5.2.3 and earlier are affected by these security bugs, which are fixed in version 5.2.4. There are also security updates for WordPress 5.1 and earlier. List of Security Fixes Ben Bidner of the WordPress Security Team for discovering issues related to referrer validation in the admin. Evan Ricafort for finding an issue where stored XSS (cross-site scripting) could be added via the Customizer. J.D. Grimes for finding and disclosing a method of viewing unauthenticated posts. Weston Ruter for finding a way to create a stored XSS to inject JavaScript into style tags. David Newman for highlighting[…]

WordPress 5.2.3 has now been released. This security and maintenance release features 29 fixes and enhancements and adds several security fixes. These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so we recommend that all WordPress users upgrade. If you haven’t yet updated to 5.2, there are also updated versions of 5.0 and earlier that fix the bugs for you. Security Updates Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first was a cross-site scripting (XSS) vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments. Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect.[…]