06 Dec

Closure of Modula Image Gallery Leads to Disclosure of Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in It

Last week we started monitoring for closures of the 1,000 most popular WordPress plugins, and that alerted us to the plugin Modula Image Gallery, which has 40,000+ active installations and was closed yesterday. There have been two new versions released since it was closed. The first, 1.3.4, has a changelog entry of “wp.org review” and …

03 Dec

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in Advanced Custom Fields

This Vulnerability Details post about a vulnerability in the plugin Advanced Custom Fields provides the details of a vulnerability we didn’t discover, and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available. For existing customers, please log in to your account to view …

26 Nov

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in LoginPress

Our Vulnerability Details posts provide the details of a vulnerability we didn’t discover, and access to them is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available. For existing customers, please log in to your account to view the rest of the post. If you are not currently …

01 Nov

Full Disclosure of Authenticated XSS Vulnerability in WordPress Plugin With 100,000+ Installs

One of the elements of the inappropriate behavior of the moderators of the WordPress Support Forum that has led us to fully disclosing vulnerabilities in protest, until WordPress gets that situation cleaned up, has been to delete messages about vulnerabilities in WordPress plugins while doing nothing to get them fixed. We don’t know how they think …

29 Oct

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in AMP for WP – Accelerated Mobile Pages

This Vulnerability Details post about a vulnerability in the plugin AMP for WP – Accelerated Mobile Pages provides the details of a vulnerability we didn’t discover, and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available. For existing customers, please log in to …

24 Oct

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in Event Calendar WD

The changelog for the latest version of Event Calendar WD indicates that some sort of cross-site scripting (XSS) vulnerability had been fixed: “Fixed: XSS vulnerabilities”. Looking at the changes made in that version, various data is escaped before being output, but when we went to check this out, we found that it was done incompletely. As an …

04 May

Vulnerability Details: Authenticated Persistent Cross-Site Scripting (XSS) in WordPress File Upload

Our Vulnerability Details posts provide the details of a vulnerability we didn’t discover, and access to them is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available. For existing customers, please log in to your account to view the rest of the post. If you are not currently …

07 Feb

Vulnerability Details: Privilege Escalation Vulnerability in Accelerated Mobile Pages

This Vulnerability Details post about a vulnerability in the plugin Accelerated Mobile Pages provides the details of a vulnerability we didn’t discover, and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available. For existing customers, please log in to your account to view …

16 Jan

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in WP GitHub Tools

Recently we were contacted by one of the users of our service, J.D. Grimes, who had found some possible vulnerabilities that involved shortcodes and a lack of escaping when passing data to the function wp_localize_script(). He was too busy to go further with them at the time and was wondering if we could take it …

16 Jan

Making Sure That Valid Values Are Provided For Shortcode Attributes Can Prevent Security Issues As Well As Providing a Better Experience

One of the areas of WordPress plugins that has received additional attention when it comes to security recently has been shortcodes, as WordPress now allows anyone who is logged in to WordPress to access those. While that change has expanded the pool of people that might exploit an issue related to those, it was already …