6 Feb 2023

Reflected Cross-Site Scripting (XSS) Vulnerability in DELUCKS SEO

One way we help to improve the security of WordPress plugins, not just for customers of our service but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. For a year now we have also been running all the plugins used by our customers through the same system used for that proactive monitoring on a weekly basis, to provide additional protection for them, and we have recently expanded that customer proactive monitoring to include checking for lesser vulnerabilities. Through that, we caught a reflected cross-site scripting (XSS) vulnerability in DELUCKS SEO.

That this hadn’t been spotted before is a good indication of the limited amount of security checking being done of WordPress plugins, since the relevant code is easy to detect as being, at the very least, insecure. [Read more]

25 Sep 2019

WordPress Isn’t Allowing Users of DELUCKS SEO to Get New Version of the Plugin That Fixes Exploited Vulnerability

When it comes to the poor security surrounding WordPress plugins, what we have long found so unfortunate is that it would be easy for the team running the Plugin Directory to improve the situation. For reasons that have never made sense, they continue to refuse to do things that would make a big difference and would likely greatly reduce the number of websites being hacked (we and others have repeatedly offered to help them do those things).

One of the problems we have long seen is that after a plugin is closed on the Plugin Directory due to a vulnerability, it remains closed even after the vulnerability has been fixed, so those already using the plugin can’t get the updated version. This often looks to be because the team running the Plugin Directory requires further changes to be made, sometimes security related. The problem with that is that if those websites could update, the fixed vulnerability could no longer be exploited on them. [Read more]

21 Sep 2019

Hackers May Already be Targeting this Persistent XSS Vulnerability in DELUCKS SEO

As part of the monitoring we do to make sure we are providing customers of our service with the best possible data on vulnerabilities in WordPress plugins they may be using, we monitor for what look to be hackers probing for usage of plugins, so that we can quickly warn our customers of unfixed vulnerabilities that hackers are likely targeting. There seems to be an ongoing hacker campaign exploiting previously undisclosed vulnerabilities: in the past couple of weeks there have been seven plugins that we have seen hackers newly probing for, and today we saw number eight, DELUCKS SEO. The probing on our website today consisted of requests for these files:

  • /wp-content/plugins/delucks-seo/readme.txt
  • /wp-content/plugins/delucks-seo/assets/tagEditor/readme.md

In looking at the plugin we found that, like a number of the other plugins, it contains a persistent cross-site scripting (XSS) vulnerability. There appear to be other related security issues as well. [Read more]