The plugin WP GDPR Compliance allows unauthenticated users to execute any action and to update any database value. If the request data form is available for unauthenticated users, even unauthenticated users are able to update the database. The plugin has more than 100 000+ active installations according to WordPress.org. WPScans.com has been updated to check for this vulnerability, run your free scan today.
Except for the “Try Gutenberg” callout in the just released WordPress version 4.9.8 there are a ton of privacy fixes. The 4.9.8 WordPress release includes a total of 18 Privacy fixes focused on ensuring consistency and flexibility in the new personal data tools that were added in 4.9.6. Some of the privacy fixes include: The type of request being confirmed is now included in the subject line for all privacy confirmation emails. Improved consistency with site name being used for privacy emails in multisite. Pagination for Privacy request admin screens can now be adjusted. Increased the test coverage for several core privacy functions. I think this is a small step but in the right direction for the WordPress community. Privacy[…]
The following new vulnerability checks has been added to WPScans.com: Custom Permalinks <= 1.1 – Authenticated SQL Injection Custom Permalinks <= 1.1 – Cross-Site Scripting (XSS) Photo Gallery by WD <= 1.3.66 – Cross-Site Scripting (XSS) WP Fastest Cache <= 0.8.7.4 – Blind SQL Injection WooCommerce <= 3.2.3 – Authenticated PHP Object Injection Ninja Forms <= 3.2.13 – Cross-Site Scripting (XSS) Swape Theme – Authentication Bypass and Stored XSS flickrRSS <= 5.3.1 – XSS and CSRF Instagram Feed <= 1.5.1 – Cross-Site Scripting (XSS) Run your free scan at WPScans.com >
WordPress 4.9.2 is now available for download. This release is a security and maintenance release for all versions since WordPress 3.7. WPScans strongly encourage you to update your sites immediately. We also recommend using WPScans.com to scan your WordPress installation. This release contains a critical security fix for a XSS security bug in the Media Elements library fallback files. Since the fallback files are written in flash and not needed they have been removed from WordPress.
WPSec can now detect at least three different backdoored WordPress plugins. The plugins are: Duplicate Page and Post 2.1.0-2.1.1 No Follow All External Links 2.1.0-2.3.0 WP No External Links 4.2.1-4.3 We recommend that you run the free scan available at www.wpsec.com
Wireshark is a network protocol analyzer that can provide granular visibility on traffic traversing your network. It runs on a wide variety of operating systems and can be used it to view live traffic or capture traffic to a file for offline analysis. Virtually all known network protocols are supported, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2. WordPress, on the other hand, is the most popular content management system in the world, with a significant percentage of its installed base still being administered over HTTP. In this article, we’ll be using Wireshark to sniff and extract WordPress login credentials leaving the local computer. The application we’ll actually use to capture traffic is named Tshark, a command line implementation[…]
WPScans.com has been updated with the following new vulnerability checks: Content Cards <= 0.9.6 – Cross-Site Scripting (XSS) WP Mailster <= 1.5.4 – Unauthenticated Cross-Site Scripting (XSS) Apocalypse Meow <= 21.2.7 – BCrypt Authentication Bypass Smart Marketing SMS and Newsletters Forms <= 1.1.1 – Unauthenticated Cross-Site Scripting (XSS) Run your free WordPress Security Scan at wpscans.com
A new WordPress version was just release. This new version addresses a security problem with the $wpdb->prepare() function. From the release notes: WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Anthony Ferrara. As the above notes says the vulnerability might affect thousands of plugins or themes and Anthony has more technical information on his blog here. WPScans.com has been updated to check for this vulnerability.
You can now connect to WPScans using the Tor onion network. WPScans is now a Hidden Service and you can use the following address to reach WPScans from TorBrowser or Tails: wpscanskzvjc4s2s.onion This is a screenshot from the Tor Browser: Screenshot from The Amnesic Incognito Live System, Tails visiting the onion url: