Login

Tag Archives: Security Vulnerability in Security Plugin

11 Jun 2019

Our Proactive Monitoring Caught a CSRF/Arbitrary File Upload Vulnerability in a WordPress Security Plugin

When it comes to WordPress security plugins, not only do they often not provide much, if any, security against threats that really impact a website, but they can actually introduce security vulnerabilities of their own. That is the case with the plugin LionScripts: IP Blocker Lite, which is described as:

LionScripts IP Blocker for WordPress allows you to block the malicious IP Addresses, Spammers and Hackers [Read more]

13 Nov 2018

Full Disclosure of Authenticated PHP Object Injection Vulnerability in WordPress Security Plugin with 70,000+ Installs

Last week, after running across a couple of PHP object injection vulnerabilities in the plugin WP GDPR Compliance we started looking into making an improvement of detection of that type of issue in our automated tool for detecting possible security issues in WordPress plugins, the Plugin Security Checker. As part of doing that we did some checks over the 1,000 most popular WordPress plugins to get a better idea of usage of code of similar code there might be out there. That led to us finding an authenticated PHP object injection vulnerability in the security plugin WP Security Audit Log, which has 70,000+ active installations according to wordpress.org.

That a security plugin can have a fairly serious vulnerability speaks to the one of the problems we see with the security industry’s ability to meet the needs of the public. On the one hand the average website, which shouldn’t need security products and services, are being sold ones that don’t work well at best. At the same time those websites that genuinely need advanced security tools are unable to get ones that work well and or they introduce security risks of their own. This plugin falls into the latter category both in that it is something that could be of useful for some websites, but also something that is introducing additional security risk. [Read more]

25 Oct 2018

Vulnerability Details: Persistent Cross-Site Scripting (XSS) Vulnerability in QueryWall: Plug’n Play Firewall

From time to time a plugin is closed on the Plugin Directory for an unexplained security issue without the discoverer putting out a report on the vulnerability and we will put out a post detailing the possible vulnerability that lead to that so that we can provide our customers with more complete information on the security of plugins they use.

[Read more]

2 Jul 2018

When A Security Vulnerability Is Only One of the Issues With a WordPress Security Plugin

We don’t think too highly of the security industry and we are often reminded of why that is, as was the case when we did a quick check of the plugin Sitesassure WP Malware Scanner. We had run across the plugin on the website of a company, 911websiterepair.com, which offers to clean up hacked websites, where it was listed as their plugin. The plugin didn’t mention anything about that website instead it was connected to another website and the look of that website didn’t exactly give us a good feeling about the potential quality of the plugin:

[Read more]

12 Jun 2018

Privilege Escalation Vulnerability in Quttera Web Malware Scanner

One of the big problems we see in trying to improve security is that so often security companies are promoting product and services that they claim will protect websites, but really only try to deal with the after effects of them being hacked. What seems like could explain a lot of that is that most of those companies don’t know or care about security and they are just trying to make a buck with little to no concern whether they are providing anything of value in exchange for that money. One of the things that seems to back that up is how often security companies fail to handle basic security when it comes to their own websites and product/services.

The latest example of that was something we ran across while discussing an example of security companies’ frequent misleading to outright false claims made about their products and services. As discussed over at our main blog the makers of the plugin Quttera Web Malware Scanner had recently claimed that the plugin had over 400,000 installations despite it actually only having 10,000+ active install according to wordpress.org. After running across that we started to take a quick look at the plugin’s security and immediately found it was failing to take some basic security measures. [Read more]

31 Oct 2017

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Anti-Malware Security and Brute-Force Firewall

From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.

[Read more]

29 Aug 2017

PHP Object Injection Vulnerability in WP Smart Security

When it comes to advice on improving the security of a WordPress websites the recommendation is often to install some security plugin. We have yet to see this advice paired with evidence that the security plugin in question is effective at providing protection. In our testing of them to see if security plugins can protect against real vulnerabilities in other plugins, which seems to be about the only testing ever done, the results haven’t been good. Having a false sense of security isn’t good, since it may lead to failing doing things that will actually protect a website, but using security plugins can have a much worse consequence, it can lead to your website being hacked.

We recently have been going through some data on possible PHP object injection vulnerabilities in WordPress plugins and one of the reports from that indicated the possibility of that type of vulnerability in the security plugin WP Smart Security. A quick check confirmed that there was in fact that type of vulnerability in this plugin. That type of vulnerability has been exploited on fairly wide-scale in the last year, so using this plugin could open the website using it to being hacked. [Read more]

19 Apr 2017

Cross-Site Request Forgery (CSRF) Vulnerabilities in Triagis® Security Evaluation

Far too often it is found that security plugins for WordPress introduce security vulnerabilities of their own, which if you know much about security isn’t too surprising considering that so many security companies don’t seem to know and or care much about security.

We recently ran across the security plugin Triagis® Security Evaluation, which is described as “a simple lite-weight plugin to analyze your current WordPress installation, server for security vulnerabilities”. While taking a look over the plugin we found that it made functions available through WordPress’ AJAX functionality that are restricted to Administrator level users, but lack protection against cross-site request forgery (CSRF). Through that an attacker could cause a logged in Administrator to change the WordPress content directory’s location, change the website’s file permissions, delete arbitrary files on a website, change a user’s username, change the database prefix, or move the WordPress configuration file. While CSRF vulnerabilities are not something likely to be targeted at this time, an attacker could cause some serious issues if they were successful in exploiting this. [Read more]

27 Feb 2017

Vulnerability Details: Arbitrary File Viewing Vulnerability in WP Hide & Security Enhancer

From time to time vulnerabilities are fixed in plugin without someone putting out a report on the vulnerability and we will put out a post detailing the vulnerability. While putting out the details of the vulnerability increases the chances of it being exploited, it also can help to identify vulnerabilities that haven’t been fully fixed (in some cases not fixed at all) and help to identify additional vulnerabilities in the plugin.

[Read more]