
WordPress Vulnerabilities: Core, Plugins & Themes Vulnerabilities Roundup for January 2017

In January, 33 WordPress plugin vulnerabilities were reported, and 12 in WordPress core. Since we began keeping a record of reported vulnerabilities, this has been the busiest month for WordPress core vulnerabilities. The rising number of reports is a good sign that WordPress is simply becoming more secure software, as explained in Crunching the numbers: how secure is WordPress?

Below is the complete list of all the WordPress plugin and theme vulnerabilities reported in December 2016:

WordPress Vulnerabilities in Plugins

  • CSRF and XSS vulnerabilities in ABASE plugin
  • Arbitrary file upload vulnerability in Seo Spy plugin
  • Arbitrary file upload vulnerability in PHP Analytics plugin
  • Arbitrary file upload vulnerability in Social plugin
  • Remote Code Execution (RCE) in Google Maps by Daniel Martyn plugin
  • Arbitrary file upload vulnerability in ChikunCounter plugin
  • Arbitrary File Upload Vulnerability in Developer Tools plugin
  • Unauthenticated PHP Object injection in CMS Commander Client plugin
  • Unauthenticated PHP Object injection in Google Forms plugin
  • Arbitrary File Upload vulnerability in DOP Slider plugin
  • CSRF and XSS vulnerabilities in Hupso Share Buttons for Twitter, Facebook & Google+ plugin
  • Open redirect vulnerability in moreAds SE
  • Reflected Cross-Site Scripting (XSS) Vulnerability in moreAds SE plugin
  • Information Disclosure Vulnerability in W3 Total Cache plugin
  • CSRF and XSS in Arigato Autoresponder and Newsletter plugin
  • Reflected Cross-Site Scripting (XSS) vulnerability in Event Notifier plugin
  • Remote Local File Inclusion in Direct Download for WooCommerce
  • Reflected Cross-Site Scripting (XSS) Vulnerability in WangGuard plugin
  • SQL Injection in 404 Redirection Manager
  • Reflected Cross-Site Scripting (XSS) Vulnerability in Super Socializer
  • Cross-Site Scripting (XSS) & CSRF in Responsive Poll plugin
  • Privilege Escalation in WP Support Plus Responsive Ticket System plugin
  • PHP Object Injection Vulnerability in Post Grid plugin
  • Username enumeration bypasses in Stop User Enumeration plugin
  • Cross-Site Scripting (XSS) in Chained Quiz plugin
  • Cross-site Scripting vulnerability in WooCommerce plugin
  • Authenticated Arbitrary File Deletion in Slider plugin
  • Authenticated Path Traversal in XCloner – Backup and Restore plugin
  • Authenticated Arbitrary File Deletion Vulnerability in BuddyPress
  • Information disclosure in Pike Firewall WordPress plugin

WordPress Vulnerabilities in Core

  • Unauthenticated privilege escalation in a REST API endpoint
  • Cross-Site Scripting (XSS) in posts list table
  • SQL Injection in WP_Query
  • Press This available to unauthorised users
  • Cross-site request forgery (CSRF) in WordPress prior to 4.7.1
  • Information Disclosure in WordPress prior to 4.7.1
  • Cross-site request forgery (CSRF) in the accessibility mode of widget editing
  • Cross-site scripting (XSS) vulnerability via theme name fallback
  • Cross-site request forgery (CSRF) bypass via uploading a Flash file.
  • Cross-site scripting in update-core.php
  • User information disclosure in WordPress Rest API
  • Remote code execution vulnerability in PHPMailer (shipped with WordPress)

You can read the release notes of WordPress 4.7.1 for more information on the above-mentioned WordPress core vulnerabilities that are not linked.

Source: WPWhiteSecurity

Overview of WordPress Vulnerabilities in December 2016

In this December 2016 monthly roundup of reported WordPress core, plugin and theme vulnerabilities, very few WordPress plugin vulnerabilities were reported.

Overview of WordPress Plugins Vulnerabilities in December 2016

27 WordPress plugin vulnerabilities were discovered in December. Also in the month of December, the trend of plugins being removed from the WordPress repository continues. It was noticed that the number of plugins being taken offline from the WordPress repository is increasing. Plugins are taken offline when developers do not fix vulnerabilities, or when the developers cannot be reached and hence the vulnerabilities are not fixed. This is a good initiative, since it ensures that the majority of WordPress plugins on the repository are being maintained and, above all, are secure.

Below is the complete list of all the WordPress plugin vulnerabilities reported in December 2016:

WordPress Plugins Vulnerabilities

  • CSRF security issue in Copy-Me plugin
  • SSRF vulnerability in Nelio AB Testing plugin
  • SQL Injection in Xtreme Locator Dealer Locator plugin
  • Blind Injection in ZM Gallery plugin
  • SQL Injection in WP Private Messages plugin
  • CSRF / Database Update vulnerability in ZX_CSV Upload plugin
  • SQL Injection in Single Personal Message plugin
  • SQL Injection in WP Support Plus Responsive Ticket System plugin
  • Authenticated Information Disclosure in Backup & Restore Dropbox plugin
  • Stored XSS and CSRF in Quiz and Survey Master plugin
  • Multiple SQL Injection and XSS vulnerabilities in Podlove Podcast Publisher
  • Reflected XSS vulnerability in MailChimp for WordPress plugin
  • Arbitrary File Upload vulnerability in Delete All Comments plugin
  • Reflected Cross-site Scripting in Social Pug – Easy Social Share Buttons plugin
  • CSRF vulnerability in Multisite Post Duplicator plugin
  • PHP Object Injection in BP Profile Search
  • CSRF & XSS vulnerabilities in Twitter Cards Meta plugin
  • Information Disclosure vulnerability in WooCommerce Email Test plugin
  • Arbitrary file deletion vulnerability in Image Slider plugin
  • Unauthenticated change of password critical security issue in Ultimate Member plugin
  • SQL Injection in WA Form Builder
  • SQL Injection vulnerability in Product Catalog plugin
  • Unauthenticated SQL Injection in BBS e-Franchise plugin
  • Local File Inclusion in WP Vault plugin

This vulnerability and security issue roundup is made possible through WP Security Bloggers.

November WordPress Vulnerabilities RoundUp

This is a monthly roundup of WordPress vulnerabilities for the month of November. It covers all the vulnerabilities in WordPress plugins and themes reported during November 2016. This roundup is made possible through WP Security Bloggers, an aggregate of popular WordPress security blogs and websites that publish WordPress security news and updates. During November, no vulnerabilities were reported in WordPress core.

Overview of WordPress Vulnerabilities in November 2016

39 WordPress plugin vulnerabilities were reported in November. That is the highest number of vulnerabilities recorded since July this year, when WP White Security started recording these statistics.

There has also been an increasing trend in the number of plugins being taken offline from the WordPress repository. Plugins are taken offline when developers do not fix vulnerabilities, or when the developers cannot be reached and hence the vulnerabilities are not fixed. This is a good initiative, since it ensures that the majority of WordPress plugins on the repository are being maintained and, above all, are secure.

Below is the complete list of all the WordPress vulnerabilities found in plugins and themes reported in November 2016:

WordPress Vulnerabilities in Plugins

WordPress Vulnerabilities in Themes
