Events Manager Plugin Vulnerable

A non-trivial CSV injection vulnerability was discovered in a popular WordPress plugin called Events Manager v5.9.7.1 (active on 100,000+ websites). This makes the users' machines vulnerable to remote attackers who can execute arbitrary commands on them. In this blog post, we will dive deep into what caused the flaw, an example proof of concept showing exploitation in a sandbox environment, and mitigation steps.

What is the Events Manager Plugin?

According to the official documentation of the plugin, Events Manager is a full-featured event registration plugin for WordPress based on the principles of flexibility, reliability and powerful features! The Events Manager Plugin lets you post event listings on your blog site. Visitors can make bookings for such events through a[…]

CVE-2020-8417: From CSRF to RCE and WordPress-site takeover

A high-severity Cross-Site Request Forgery (CSRF) vulnerability, tracked as CVE-2020-8417, exists in a popular WordPress plugin called Code Snippets, rendering over 200,000 websites vulnerable to site takeover. In this blog post, we will cover what caused the flaw, an example proof of concept showing exploitation in a sandbox environment, and mitigation steps.

What is the Code Snippets Vulnerability?

The National Vulnerability Database (NVD) describes CVE-2020-8417 as: "The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu." I will explain this in 3 simple steps: The plugin allowed users to add snippets of PHP code to extend the functionality of a WordPress-powered website, without adding custom snippets to their theme's functions.php file. Code Snippets offers an import menu for importing code onto[…]

According to the latest Sucuri Hacked Website Report (2018), 90% of scanned WordPress websites were infected with one or more vulnerabilities last year. That’s up 7% from the previous year and shows you just how vulnerable WordPress websites can be. (Source) While the WordPress core is built to be as secure as possible, relying on it to keep your site safe is not going to be enough. After all, WordPress themes and plugins play a role in vulnerabilities too. That’s why you have to take a proactive approach to site security if you want to prevent cybercriminals from hacking into your website. Today we’re going to share with you the 3 most compelling reasons why you should regularly perform WordPress[…]

4 Compelling Reasons Why WordPress is Secure

As of now, the WordPress content management system (CMS) dominates the web. In fact, WordPress powers 35% of the worldwide web, which is pretty impressive seeing as there are over 1.7 billion websites online right now. The thing is, many people will claim that WordPress is insecure. After all, Sucuri, a leading website security and protection platform designed to thwart all cybercrime, claims that WordPress is the most infected CMS of all. But does that mean WordPress shouldn't be trusted? As the leading content management system in the world, it makes sense that cybercriminals would target it. And with so many websites using it, it also makes sense that the most hacks would be associated with WordPress. That's[…]

When it comes to complex password cracking, hashcat is the tool that comes into play, as it is the best-known password cracking tool freely available on the internet. The passwords can be in any hash form, such as SHA, MD5, WHIRLPOOL, etc. Unlike encryption, where data can be decrypted with a specific key, a hash does not allow a user to recover the password by decryption. Hashcat supports techniques such as dictionary attacks, hybrid attacks and brute force. This article gives an example of how hashcat can be used to crack complex WordPress passwords. Hashcat is a built-in tool in Kali Linux which can be used for this purpose. USAGE[…]

API JSON

For a few weeks now we have offered an API so you can get notified about newly found vulnerabilities on your WordPress website. The first part of our API is outgoing JSON webhooks. Using webhooks you can integrate with other third-party services like Slack and Zapier. The hook payload is formatted as JSON, for example:

    {
      "email": "[email protected]",
      "name": "WPScans",
      "reportURL": "https://wpsec.com/scan/?id=b8af78jrhj2kjfdef33j3j3j",
      "status": "vuln",
      "type": "scan",
      "url": "http://wpsec.com"
    }

Most of the fields are self-explanatory. The status field can be no-wordpress, vuln or no-vuln. The fields being sent are: type, name, reportURL, url, email and status.

Screenshot from the Dashboard:

This new API is available to Premium Subscribers and is still in beta.

WordPress 5.0.1 is now available and it is a security release for all versions since WordPress 3.7. We strongly encourage you to update all your sites immediately. Plugin authors are also encouraged to read the 5.0.1 developer notes for information on backwards compatibility, since some of the vulnerabilities covered in 5.0.1 might affect plugins. WordPress versions 5.0 and earlier are affected by the following bugs, which are fixed in version 5.0.1. Updated versions of WordPress 4.9 and older releases are also available, for users who have not yet updated to 5.0. Karim El Ouerghemmi discovered that authors could alter metadata to delete files that they weren't authorized to. Simon Scannell of RIPS Technologies discovered that authors could create posts of unauthorized post types with specially crafted input.[…]

WordPress 4.9.2 is now available for download. This release is a security and maintenance release for all versions since WordPress 3.7. WPScans strongly encourages you to update your sites immediately. We also recommend using WPScans.com to scan your WordPress installation. This release contains a critical security fix for an XSS security bug in the MediaElement library fallback files. Since the fallback files are written in Flash and are not needed, they have been removed from WordPress.