Home >CMS Tutorial >WordPress >These WordPress plugins have high-risk vulnerabilities!

These WordPress plugins have high-risk vulnerabilities!

藏色散人
藏色散人forward
2022-01-21 15:40:474104browse

The following tutorial column of WordPress will introduce to you the situation of high-risk vulnerabilities found in three WordPress plug-ins. I hope it will be helpful to friends in need!

Researchers discovered high-risk vulnerabilities in three WordPress plugins

Recently, researchers from WordPress security company Wordfence discovered a serious vulnerability that can affect three WordPress plugins. A different WordPress plugin and has impacted over 84,000 websites. The execution code of this vulnerability is tracked as CVE-2022-0215, which is a cross-site request forgery (CSRF) attack. The Common Security Vulnerability Scoring System (CVSS) gave it a score of 8.8.

These WordPress plugins have high-risk vulnerabilities!

On November 5, 2021, the Wordfence company intelligence team discovered this vulnerability in the Login/Signup Popup plug-in for the first time and initiated the disclosure process. A few days later they discovered the same vulnerability in the Cart Woocommerce (Ajax) plugin and the Waitlist Woocommerce (Back in stock notifier) ​​plugin. Through this vulnerability, an attacker could update any site options on a compromised website by tricking the site administrator into performing a single action.

An attacker will typically craft a request that triggers an AJAX action and performs that function. If an attacker is able to successfully trick a site administrator into performing an action such as clicking a link or browsing to a website, and the administrator is authenticated to the target site, the request will be sent successfully and the action will be triggered. Allows an attacker to update arbitrary options on the site.

An attacker can exploit this vulnerability to update the "users_can_register" (i.e. anyone can register) option on the website to OK and set the "default_role" (i.e. the default role for users registered on the blog) Set as an administrator, he can then register as an administrator on the compromised website and take over it completely.

Three plugins reported by the Wordfence team that impact Xootix maintenance:

  • Login/Signup Popup plugin (over 20,000 installs)

  • Side Cart Woocommerce (Ajax) plugin (over 4000 installs)

  • Waitlist Woocommerce (Back in stock notifier) ​​plugin (over 60000 installs)

These three XootiX plugins are designed to provide enhanced functionality for WooCommerce websites. The Login/Signup Popup plugin allows adding login and signup popups to standard websites and websites running the WooCommerce plugin. Waitlist WooCommerce plugin allows adding product waitlists and out-of-stock item notifications. The Side Cart Woocommerce plugin makes the shopping bar available anywhere on the website with support via AJAX.

Regarding this vulnerability, the Wordfence team specifically reminds WordPress users to check whether the version running on their website has been updated to the latest patched version available for these plug-ins, namely Login/Signup Popup plug-in version 2.3, Waitlist Woocommerce plug-in 2.5 .2 version", and Side Cart Woocommerce plugin version 2.1.

Reference source:

https://securityaffairs.co/wordpress/126821/hacking/wordpress-plugins-flaws -2.html

The above is the detailed content of These WordPress plugins have high-risk vulnerabilities!. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:freebuf.com. If there is any infringement, please contact admin@php.cn delete