CYBER NEWS

Vulnerable WordPress Plugin Could Cause Severe Attacks

Sucuri researchers have just come across a serious vulnerability that affects WordPress website databases. More specifically, a WordPress gallery plugin with more than 1 million active installations has been found to have a severe SQL injection flaw.

The researchers state:

While working on the WordPress plugin NextGEN Gallery, we discovered a severe SQL Injection vulnerability. This vulnerability allows an unauthenticated user to grab data from the victim’s website database, including sensitive user information.

Severe WordPress Plugin NextGEN Gallery Vulnerability Found

The flaw in question allows an unauthenticated user to harvest data from a targeted website database, sensitive user information included. Considering the seriousness of the issue, the flaw has been rated critical. Website admins who are using a vulnerable version of the plugin are urged to update it immediately.

Related: Android Tops the 2016 Top 50 Vulnerabilities List with 523 Bugs

According to Sucuri, the vulnerability can be exploited under two conditions: when an admin uses a NextGEN Basic TagCloud gallery, or when the website allows contributors to submit posts for review.

This vulnerability existed because NextGEN Gallery allowed improperly sanitized user input in a WordPress prepared SQL query. This is just like adding user input inside a raw SQL query. Relying on such an attack vector, a malicious actor could leak hashed passwords and WordPress secret keys in certain configurations, the company explained.

In addition, a malicious actor would simply need to take advantage of the $container_ids string for the exploit to be triggered. This could be done either by modifying the NextGEN Basic TagCloud gallery URL or by using the tag gallery shortcode.

With this knowledge, an unauthenticated attacker could add extra sprintf/printf directives to the SQL query and use $wpdb->prepare’s behavior to add attacker-controlled code to the executed query.
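To make the defect class concrete, here is an added, simplified PHP example (not NextGEN Gallery's actual code) showing the pattern the article describes, a request-derived string spliced into the format string handed to $wpdb->prepare, beside a hardened version that generates placeholders and passes the values as arguments. `$container_ids` is the value named in the article; the table name and the helper function names are assumed.

```php
<?php
// Added illustration; not the plugin's real code. Assumes a table
// {$wpdb->prefix}ngg_gallery with columns gid and title.

// VULNERABLE PATTERN: the user-controlled string becomes part of the
// format string that $wpdb->prepare() feeds to sprintf/vsprintf.
// Any '%' directive inside it is interpreted as a directive, not data,
// so "prepared" gives no protection against what the string contains.
function get_galleries_unsafe( $container_ids ) {
    global $wpdb;
    // $container_ids might be "1,2,3" taken straight from a URL or shortcode.
    $sql = $wpdb->prepare(
        "SELECT gid, title FROM {$wpdb->prefix}ngg_gallery WHERE gid IN ({$container_ids}) LIMIT %d",
        100
    );
    return $wpdb->get_results( $sql );
}

// HARDENED PATTERN: request data never touches the format string.
// Each id is coerced to a non-negative integer, one %d placeholder is
// generated per value, and the values go in as prepare() arguments so
// WordPress escapes and types them itself.
function get_galleries_safe( $container_ids ) {
    global $wpdb;
    $ids = array_filter( array_map( 'absint', explode( ',', (string) $container_ids ) ) );
    if ( empty( $ids ) ) {
        return array();
    }
    $placeholders = implode( ',', array_fill( 0, count( $ids ), '%d' ) );
    $sql = $wpdb->prepare(
        "SELECT gid, title FROM {$wpdb->prefix}ngg_gallery WHERE gid IN ({$placeholders}) LIMIT %d",
        array_merge( array_values( $ids ), array( 100 ) )
    );
    return $wpdb->get_results( $sql );
}
```

In the hardened form only the developer-written format string decides the shape of the query; a code review or static scan that flags any variable interpolated into the first argument of prepare() catches this class of bug before it ships.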

Related: WordPress Just Fixed a Serious Zero-Day Bug in Versions 4.7 and 4.7.1

Just last month, WordPress quietly fixed a serious zero-day bug. The bug allowed all pages on vulnerable websites to be modified. In addition, visitors could have been redirected to malicious sites, leading to further security complications. WordPress postponed the public announcement for a week and is now urging everyone involved to update.

Milena Dimitrova
