20 Aug

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in Additional Variation Images for WooCommerce

This post provides the details of a vulnerability in the WordPress plugin Additional Variation Images for WooCommerce that was not discovered by us. The discoverer hadn’t provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so the contents of this post are limited to subscribers of our service. If you are not currently a subscriber, you can try out the service to help protect your website for free and then you can view the contents of the post. There are a lot of other reasons that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website is vulnerable due to it.

[Read more]

20 Aug

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in WP 1 Slider

This post provides the details of a vulnerability in the WordPress plugin WP 1 Slider that was not discovered by us. The discoverer hadn’t provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so the contents of this post are limited to subscribers of our service. If you are not currently a subscriber, you can try out the service to help protect your website for free and then you can view the contents of the post. There are a lot of other reasons that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website is vulnerable due to it.

[Read more]

08 Aug

This Authenticated Persistent XSS Vulnerability Might Be What Hackers Are Targeting PPOM for WooCommerce For

One of the things we seem to be unique in doing is monitoring for hackers probing for usage of WordPress plugins before exploiting vulnerabilities in them. That is despite other security companies claiming to do the same, which they would need to do to be able to prevent exploitation. Today, through that monitoring, we saw probing for the plugin PPOM for WooCommerce with requests for these files from it:

[Read more]

26 Jul

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in Facebook Widget (Widget for Facebook Page Feeds)

The plugin Facebook Widget (Widget for Facebook Page Feeds) was closed on the WordPress Plugin Directory yesterday. It is one of the 1,000 most popular plugins, so we were alerted to its closure. While we were looking into the plugin to see if there were any vulnerabilities we should be warning users of the plugin who also use our service about, we found that it contains an authenticated persistent cross-site scripting (XSS) vulnerability due to not properly handling the security of shortcode attributes.

[Read more]

23 Jul

Our Proactive Monitoring Caught an Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in Yes-co ORES

One of the ways we help to improve the security of WordPress plugins, not just for the customers of our service but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that we caught an authenticated settings change vulnerability that leads to an authenticated persistent cross-site scripting (XSS) vulnerability in the plugin Yes-co ORES.

[Read more]

17 Jul

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in HubSpot All-In-One Marketing – Forms, Popups, Live Chat

Yesterday a new version of the WordPress plugin HubSpot All-In-One Marketing – Forms, Popups, Live Chat, which has 80,000+ installs, came onto our radar, as there were a couple of seemingly security-related entries in the changelog for that version:

[Read more]

15 Jul

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in Email Subscribers & Newsletters

This post provides the details of a vulnerability in the WordPress plugin Email Subscribers & Newsletters that was not discovered by us. The discoverer hadn’t provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so the contents of this post are limited to subscribers of our service. If you are not currently a subscriber, you can try out the service to help protect your website for free and then you can view the contents of the post. There are a lot of other reasons that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website is vulnerable due to it.

[Read more]

15 Jul

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in Project Supremacy Lite (Project Supremacy V3 Lite)

As part of making sure we are providing the users of our service with the best information on vulnerabilities in WordPress plugins they may be using, we monitor for indications that security vulnerabilities have been fixed in new versions of plugins. Today that led to us looking at Project Supremacy Lite (Project Supremacy V3 Lite), where the changelog for the latest version is “Added some security fixes.” The changes made in that version look to be escaping the output of the plugin’s settings. Normally the lack of that wouldn’t be a vulnerability, because only Administrators are allowed to change the settings and they can do anything they want with WordPress already. When we went to check whether that was the case with this plugin, we found that anyone logged in to WordPress can change the plugin’s settings, and one of those settings is intended to be used to place JavaScript code on all of the frontend pages of the website, which leads to an authenticated persistent cross-site scripting (XSS) vulnerability.

[Read more]

08 Jul

Recently Closed WordPress Plugin With 400,000+ Installs Contains Another Authenticated Persistent XSS Vulnerability

Back in April we ran across an authenticated persistent cross-site scripting (XSS) vulnerability in WP Google Maps. Our monitoring of the WordPress Support Forum, which we do to keep track of publicly known vulnerabilities in plugins that customers of our service might be using, led us to a claim that WPEngine was saying there was an XSS vulnerability in the plugin. That vulnerability remained in the plugin for two months after that, and the team running the Plugin Directory apparently wasn’t concerned that a plugin with 400,000+ installs was known to be vulnerable. When it was fixed, it turned out the fix wasn’t part of a larger security improvement.

[Read more]

24 Jun

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in WP Ultimate Recipe

This post provides the details of a vulnerability in the WordPress plugin WP Ultimate Recipe that was not discovered by us. The discoverer hadn’t provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so the contents of this post are limited to subscribers of our service. If you are not currently a subscriber, you can try out the service to help protect your website for free and then you can view the contents of the post. There are a lot of other reasons that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website is vulnerable due to it.

[Read more]