22 Dec 2023

Our Proactive Monitoring Caught an Authenticated Option Update Vulnerability Being Introduced into a WordPress Plugin

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability, being introduced into the plugin Cozy Blocks today. The vulnerability is in part caused by wider insecurity in the plugin, and there are additional vulnerabilities in the plugin, so we would recommend avoiding the plugin unless its security is overhauled.

We now are also running all the code in the plugins used by our customers through that monitoring system on a weekly basis to provide additional protection for them. [Read more]

7 Sep 2023

Our Proactive Monitoring Caught an Authenticated Option Update Vulnerability Being Introduced into WPGetAPI

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability, being introduced into the plugin WPGetAPI. The vulnerability allows anyone logged in to WordPress to break the website.

The vulnerable code comes from a new import feature of the plugin. The related new export feature looks to be similarly insecure as well. [Read more]

6 Sep 2023

Our Proactive Monitoring Caught an Authenticated Option Update Vulnerability in WP Courses

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability, in the plugin WP Courses. That allows a logged-in attacker to change arbitrary WordPress options, and they could use that to create a new WordPress account with administrator privileges. There are probably more vulnerabilities with similar code still lurking in plugins, as this was caught by a recent expansion of our monitoring for that type of vulnerability. It appears that vulnerability has been in the plugin for 22 months without being noticed.

We now are also running all the code in the plugins used by our customers through that monitoring system on a weekly basis to provide additional protection for them. [Read more]

16 Aug 2023

Exploitable Vulnerability Has Been in WooCommerce Extending Plugin for Over a Year

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. We don’t have time to review everything that is flagged by that. One piece of flagged code, which we only got a chance to look into 13 months after it was introduced into a plugin, shows that it doesn’t look like much of anyone else is joining us in doing that type of monitoring. That code turned out to cause a vulnerability that would allow an attacker with access to an account on the website, even a low-level account, to take over the website. Unsurprisingly, that is a type of vulnerability that hackers are known to exploit. The vulnerability is in the plugin WooODT Lite.

As is often the case with plugins with serious vulnerabilities, the plugin extends the popular eCommerce plugin WooCommerce. Despite being used on websites with additional security risk and probably more money tied to them, it doesn’t appear those plugins are getting reasonable security scrutiny. If anyone is looking to have that happen for a WordPress plugin they use, we can do a security review. [Read more]

13 Jun 2023

Our Proactive Monitoring Caught an Authenticated Option Update Vulnerability in WP Compress

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability, in the plugin WP Compress. The vulnerability is in part caused by wider insecurity in the plugin, and there are additional vulnerabilities in the plugin, so we would recommend avoiding the plugin unless its security is overhauled.

We now are also running all the code in the plugins used by our customers through that monitoring system on a weekly basis to provide additional protection for them. [Read more]

7 Dec 2022

Authenticated Option Update Vulnerability in Users Control

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability, in a brand new plugin, Users Control.

We now are also running all the plugins used by our customers through the same system used for the proactive monitoring on a weekly basis to provide additional protection for them. [Read more]

30 Nov 2022

Authenticated Option Update Vulnerability in LWS Optimize

One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that, we caught a variant of one of those vulnerabilities, an authenticated option update vulnerability, in a brand new plugin, LWS Optimize.

We now are also running all the plugins used by our customers through the same system used for the proactive monitoring on a weekly basis to provide additional protection for them. [Read more]

9 Aug 2022

WooCommerce Extending Plugin With 100,000+ Installs Contains Authenticated Option Update Vulnerability Possibly Targeted by Hacker

Early today, a topic was posted on the support forum for the WordPress plugin WOOF, which extends WooCommerce and has 100,000+ active installations, suggesting that a security issue in it might be being exploited. The poster wrote this:

Can you elaborate on what you did here for the fix? We noticed a lot of clients had products from like other sites that were not related. Curious to know what happened if anything on your end. [Read more]

2 Aug 2022

Hacker Probably Targeting This Authenticated Option Update Vulnerability in Make’s WordPress Plugin

Yesterday we had what appeared to be a hacker probing for usage of Make’s (formerly Integromat) WordPress plugin on our website with the following request:

/wp-content/plugins/integromat-connector/assets/iwc.js [Read more]

5 Apr 2022

WooCommerce Payment Plugin Targeted by Hacker Contains Multiple Serious Vulnerabilities

Late last week, third-party data we monitor showed what looked to be a hacker probing for usage of a WordPress plugin that handles payment processing for the WooCommerce plugin, ЮKassa для WooCommerce, through requests for this file:

/wp-content/plugins/yookassa/assets/js/yookassa-admin.js [Read more]