Jonas Lejon

WooCommerce Unauthenticated SQL Injection Vulnerability

WooCommerce Unauthenticated SQL Injection Vulnerability

2 Comments / Uncategorized / By

On 15th July 2021, news was going around regarding an unauthenticated SQL Injection in WooCommerce. WooCommerce released a blog post about the vulnerabilities here: https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/#. The vulnerabilities were detected on the 13th of July and fixed in WooCommerce versions 3.3.6 to 5.5.1 and WooCommerce Blocks versions 2.5.16 to 5.5.1. This blog post is a short …

WooCommerce Unauthenticated SQL Injection Vulnerability Read More »

WordPress PHPMailer vulnerability analysis

1 Comment / Uncategorized / By

On 13th May 2021, WordPress released WordPress 5.7.2, which was a security release fixing one vulnerability that affected versions 3.7 to 5.7. This vulnerability is a PHP Object Injection vulnerability in PHPMailer (CVE-2020-36326, CVE-2018-19296) that occurs via the addAttachment function with a UNC pathname. You may notice that there are two CVE’s in the security …

WordPress PHPMailer vulnerability analysis Read More »

WordPress XXE Vulnerability in Media Library – CVE-2021-29447

1 Comment / Uncategorized / By

WordPress versions 5.7, 5.6.2, 5.6.1, 5.6, 5.0.11 are affected to XML eXternal Entity vulnerability where an authenticated user with the ability to upload files in the Media Library can upload a malicious WAVE file that could lead to remote arbitrary file disclosure and server-side request forgery (SSRF). WordPress uses ID3 library to parse information about an audio …

WordPress XXE Vulnerability in Media Library – CVE-2021-29447 Read More »

Unrestricted File Upload Vulnerability found in Contact Form 7 plugin affects 5M+ websites

CVE-2020-35489: Unrestricted File Upload Vulnerability found in Contact Form 7 plugin affects 5M+ websites

6 Comments / exploits / By

A high-severity Unrestricted File Upload vulnerability, tracked as CVE-2020–35489, was discovered in a popular WordPress plugin called Contact Form 7, currently installed on 5 Million+ websites making them vulnerable to attacks like phishing, complete site take-over, data-breach, phishing and credit card frauds. In this blog-post, we will cover what caused the flaw, an example Proof-Of-Concept (PoC) showing exploitation in a …

CVE-2020-35489: Unrestricted File Upload Vulnerability found in Contact Form 7 plugin affects 5M+ websites Read More »

WP File Manager

WordPress plugin WP File Manager actively exploited

Leave a Comment / news / By

WordPress is a huge platform that powers a large number of websites. This service makes it easy for both programmers and non-programmers to develop different websites. With WordPress, there are different kinds of themes, plugins and more. However, since most of these things are created by third-party developers, there are chances that there will be …

WordPress plugin WP File Manager actively exploited Read More »

WordPress to add auto-update feature for themes and plugins

3 Comments / news / By

When it comes to WordPress, keeping your theme, plugins, and WordPress core is one of the most important tasks you have as a website owner. However, most website owners are often guilty of not applying updates and running with outdated versions of their themes and plugins.  Needless to say, this leaves your website vulnerable to …

WordPress to add auto-update feature for themes and plugins Read More »

Dozens of File Upload Vulnerabilities Found in Web Apps

Dozens of File Upload Vulnerabilities Found in Web Apps

Leave a Comment / news / By

When it comes to content management systems such as WordPress, hackers will often exploit file upload mechanisms to distribute malicious files which can be used to execute malicious code on a website, infect other websites, and allow hackers to gain full control over a server where your website is hosted.  In an effort to prevent …

Dozens of File Upload Vulnerabilities Found in Web Apps Read More »

CVE-2020-9334: Stored XSS vulnerability in Popular Gallery Plugin for WordPress

1 Comment / news / By

A high-severity Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2020-9334, exists in a popular WordPress plugin called Envira Photo Gallery, rendering over 100,000 websites vulnerable to phishing attacks, stealing administrator’s session tokens, etc. In this Blog-post, we will cover what caused the flaw, an example Proof-Of-Concept showing exploitation in a sandbox environment, and mitigation steps. What is the Envira …

CVE-2020-9334: Stored XSS vulnerability in Popular Gallery Plugin for WordPress Read More »