CYBER NEWS

A vulnerabilidade do plug-in WordPress do pacote SEO tudo em um pode permitir ataques XSS

all-in-one-seo-pack-stforum

O All in One SEO Pack é um dos plugins mais populares para WordPress. Na verdade, é o plugin mais baixado, com aproximadamente 30 milhão de downloads! Any security-related issue with such a trendy application would be a nightmare for users. Infelizmente, security research has revealed a vulnerability within the plugin that could enable an attacker to store malicious code in WP’s admin panel.

Pesquisador de segurança David Vaartjes describes the vulnerability as a stored Cross-Site Scripting vulnerability, found in the Bot Blocker functionality of the All in One SEO Pack WordPress Plugin. The researcher has tested the issue on the All in One SEO Pack WordPress Plugin version 2.3.6.1.

relacionado: Quem dirige desatualizados versões do WordPress e Drupal?

What Is All in One SEO Pack WordPress Plugin?

The plugin is very popular, declaradamente “the most downloaded plugin for WordPress”. It helps users and webmasters automatically optimize their site for search engines by providing simple settings to toggle on and off.

Details about the Bot Blocker Vulnerability

A stored Cross-Site Scripting vulnerability exists in the Bot Blocker functionality of the All in One SEO Pack WordPress Plugin (1+ million active installs). Particularly interesting about this issue is that an anonymous user can simply store his XSS payload in the Admin dashboard by just visiting the public site with a malformed User Agent or Referrer header.


Why is the Bot Blocker functionality used?
The functionality helps prevent certain bots from crawling or even accessing a website. Detection of bots is possible thanks to User Agent and Referrer header patterns. When the User Agent contains one of the pre-configured list of bot names likeAbonti”, “Bullseye” ou “Exabotthe request is blocked and a 404 is returned, the researcher explains. When the Track Blocked Bots setting is enabled (it’s not enabled by default), blocked requests are logged in the HTML page without the needed sanitization or output encoding. This is how an XSS is allowed.

What Is a XSS Attack?
An XSS-powered attack takes place when malicious actors implement malicious scripts to legitimate websites. An XSS vulnerability is exploited when you, por exemplo, send a website content that includes embedded malicious JavaScript. The website will later include the code in its reply.

Is the All in One SEO Pack Issue Fixed?

Fortunately for WordPress admins using the plugin, the bug has been fixed in its latest version – All in One SEO Pack 2.3.7. Além disso, keep in mind that the attack was tested by David Vaartjes in the plugin’s version 2.3.6.1. Older versions may be exposed to the issue, também. Em todos os casos, it’s highly recommended that you update to the latest version as soon as possible.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum desde o início. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...