Researchers find serious flaws in WordPress plugins used on 400k sites

by Dan Goodin
from Ars Technica - All content (#4Y1RF)

(image credit: Frank Lindecke / Flickr)

Serious vulnerabilities have recently come to light in three WordPress plugins that have been installed on a combined 400,000 websites, researchers said. InfiniteWP, WP Time Capsule, and WP Database Reset are all affected.

The highest-impact flaw is an authentication bypass in the InfiniteWP Client, a plugin installed on more than 300,000 websites that lets administrators manage multiple WordPress sites from a single server. The flaw lets anyone who knows a valid username log in to an administrative account without a password. From there, attackers can delete content, add new accounts, and carry out a wide range of other malicious tasks.

Anyone exploiting the vulnerability needs only the user name of a valid account and a crafted payload in a POST request sent to a vulnerable site. According to Web application firewall provider Wordfence, the vulnerability stems from a feature that lets legitimate users log in as an administrator automatically, without providing a password.
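The following is an added illustration of the class of flaw described above, not code from the InfiniteWP Client or from Wordfence's analysis. It models an "auto-login" endpoint that trusts a username carried in a POST body, beside a hardened version that honours a login request only when it carries a valid HMAC computed with a secret shared with the management server and a fresh timestamp. The request format, field names, the shared-secret design and the sample account are all assumptions made for the example; the article does not describe how the real plugin's request is structured or how it was fixed.

```python
"""Added illustrative example (not InfiniteWP Client code): an auto-login
endpoint that trusts a username in the POST body, next to a hardened version
that requires an HMAC from the management server.  Field names, request
format and the shared-secret scheme are assumptions for this illustration."""
import hashlib
import hmac
import json
import time

# Constructed sample data: one administrator account and the secret that the
# (assumed) management server shares with the site.
USERS = {"admin": {"role": "administrator"}}
SHARED_SECRET = b"example-shared-secret-not-a-real-one"


def _canonical(body: dict) -> bytes:
    """Stable serialisation so signer and verifier hash identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def vulnerable_auto_login(post_body: dict):
    """Vulnerable pattern: whoever supplies a valid username is logged in as
    that user.  Nothing in the request proves it came from the management
    server, so knowing a username is enough to get an admin session."""
    username = post_body.get("username")
    if username in USERS:
        return {"logged_in_as": username, "role": USERS[username]["role"]}
    return None


def sign_request(payload: dict, secret: bytes) -> dict:
    """Management-server side: add a timestamp and an HMAC-SHA256 over the
    canonical JSON of every field except the signature itself."""
    body = dict(payload, ts=int(time.time()))
    body["sig"] = hmac.new(secret, _canonical(body), hashlib.sha256).hexdigest()
    return body


def hardened_auto_login(post_body: dict, secret: bytes = SHARED_SECRET,
                        now=None, max_age: int = 300):
    """Hardened pattern: verify the HMAC before trusting any field, then reject
    stale requests so a captured login request cannot simply be replayed."""
    body = dict(post_body)
    sig = body.pop("sig", None)
    if sig is None or "ts" not in body:
        return None
    expected = hmac.new(secret, _canonical(body), hashlib.sha256).hexdigest()
    # Constant-time comparison: a plain == would leak the digest byte by byte.
    if not hmac.compare_digest(sig, expected):
        return None
    now = time.time() if now is None else now
    if abs(now - body["ts"]) > max_age:
        return None
    username = body.get("username")
    if username in USERS:
        return {"logged_in_as": username, "role": USERS[username]["role"]}
    return None


if __name__ == "__main__":
    # An unsigned request that only names the account: accepted by the
    # vulnerable handler, rejected by the hardened one.
    guess = {"username": "admin"}
    print("vulnerable:", vulnerable_auto_login(guess))
    print("hardened, unsigned:", hardened_auto_login(guess))
    signed = sign_request(guess, SHARED_SECRET)
    print("hardened, signed:", hardened_auto_login(signed))
```

The point of the comparison is that the username is public knowledge, so it cannot be the only thing an auto-login feature checks; the hardened handler ties the request to a secret the attacker does not hold, and the timestamp window limits what a captured request is worth.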

