WordPress Captcha Plugin Found to Contain a Backdoor

WordPress plugins often pose various threats to website owners. This is the case with a plugin named Captcha, which was discovered to contain a backdoor. The plugin has been installed by 300,000 users.

WordPress Captcha Plugin Contains a Backdoor, Wordfence Reports

Apparently, the WP repository removed the Captcha plugin due to a trademark issue with WordPress. As reported by Wordfence, whenever the WP repository removes a plugin that has been installed by many users, they check whether the reason for the removal is somehow related to security.

After checking the situation, Wordfence discovered code in the plugin that triggers an automatic update process that downloads a ZIP file. The file extracts and installs itself over the copy of the running Captcha plugin. The ZIP contains some code changes from what is found in the plugin repository. It was also found to contain a file called plugin-update.php, which is a backdoor.

Unfortunately, backdoors can be found nearly anywhere these days, and it’s a huge security and privacy issue. A backdoor in this case can give the plugin author (or an attacker) unauthorized admin access to a website.

This backdoor creates a session with user ID 1 (the default admin user that WordPress creates when you first install it), sets authentication cookies, and then deletes itself.
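As an added example (not from Wordfence or the original article), the Python sketch below compares an installed plugin directory with a clean reference copy of the same version, reports files that were added or changed, and flags differing PHP files that match the behavior described above. The marker patterns, directory names and sample file contents are constructed assumptions, not the actual backdoor code.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Heuristic markers for the behaviour described above (assumed patterns, not
# taken from the real backdoor): act as a user, set auth cookies, self-delete.
MARKERS = {
    "switches current user": re.compile(r"\bwp_set_current_user\s*\("),
    "sets auth cookie": re.compile(r"\bwp_set_auth_cookie\s*\("),
    "deletes itself": re.compile(r"\bunlink\s*\(\s*__FILE__\s*\)"),
}

def file_hashes(root: Path) -> dict:
    """Map each file's path relative to root to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def audit_plugin(installed: Path, reference: Path) -> dict:
    """Diff an installed plugin against a clean copy of the same version."""
    inst, ref = file_hashes(installed), file_hashes(reference)
    added = sorted(inst.keys() - ref.keys())
    modified = sorted(f for f in inst.keys() & ref.keys() if inst[f] != ref[f])
    missing = sorted(ref.keys() - inst.keys())
    suspicious = {}
    for rel in added + modified:  # only inspect files that differ from the reference
        if rel.lower().endswith(".php"):
            text = (installed / rel).read_text(errors="replace")
            hits = [name for name, rx in MARKERS.items() if rx.search(text)]
            if hits:
                suspicious[rel] = hits
    return {"added": added, "modified": modified,
            "missing": missing, "suspicious": suspicious}

def demo() -> dict:
    """Audit two constructed directory trees (sample data, not real plugin code)."""
    with tempfile.TemporaryDirectory() as tmp:
        ref, inst = Path(tmp, "reference"), Path(tmp, "installed")
        for d in (ref, inst):
            d.mkdir()
            (d / "captcha.php").write_text("<?php // main plugin file\n")
            (d / "readme.txt").write_text("Captcha\n")
        # Simulate an out-of-band update: one altered file, one extra file.
        (inst / "captcha.php").write_text("<?php // main plugin file, altered\n")
        (inst / "plugin-update.php").write_text(
            "<?php wp_set_current_user(1); wp_set_auth_cookie(1); unlink(__FILE__);\n")
        return audit_plugin(inst, ref)

if __name__ == "__main__":
    print(demo())
```

Because the backdoor file deletes itself after use, an empty `added` list does not prove the site was never affected; files in `modified` still deserve review.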

What makes this particularly bad is that the backdoor installation code is not authenticated, which means that anyone can trigger it. Wordfence also said that they will edit the initial information about the backdoor “to include a proof of concept after 30 days with technical details on how the backdoor installation and execution works”.

More information about the backdoor disclosure can be found here.

As mentioned in the beginning, WP plugins are often associated with a variety of security issues. Last year one of the most popular WP plugins was found vulnerable.

All in One SEO Pack is one of the most popular plugins for WordPress. It is in fact the most downloaded plugin, with approximately 30 million downloads. Research revealed a very dangerous flaw within the plugin that could enable an attacker to store malicious code in WP’s admin panel.

Milena Dimitrova
