29 Jun 2016

Very Vulnerable WordPress Plugin Returns to Plugin Directory Without Being Fixed

When we discover a vulnerability in a plugin we can help protect the customers of our service by alerting them to the issue, and they can then take the action they feel is appropriate (we can also assist them in determining what the appropriate action is). For plugins that we see exploitation attempts against, we also include the data on the vulnerabilities in the companion Plugin Vulnerabilities plugin, so even those who haven't signed up for the service get notified. But the best thing that can happen is for the developer of the plugin to fix the vulnerability, to ensure that everyone gets protected without having to do anything more than update the plugin.

After discovering a vulnerability we notify the developer of the plugin about it and offer to help them fix it, but often we don't hear anything back from them and the vulnerability isn't fixed. When that happens, the last thing we can do is notify the Plugin Directory about the issue. For most vulnerabilities they will then pull the plugin from the Plugin Directory pending it being fixed. [Read more]

3 Jun 2016

Post Deletion Vulnerability in BePro Listings

As was mentioned in more detail in the post on the other vulnerability we found in the plugin BePro Listings, we recently had a request for a file from the plugin, which indicated that someone might be trying to exploit something in it. While that arbitrary file upload vulnerability is probably what hackers are looking to exploit, the plugin also has a vulnerability that allows anyone to delete posts from a website with the plugin enabled.

The plugin has an AJAX accessible function bepro_ajax_delete_post(), which is accessible whether or not someone is logged in to WordPress: [Read more]
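The general shape of that weakness, as an added illustration that is not the code of BePro Listings or of the original post: a WordPress AJAX handler registered on both the wp_ajax_ and wp_ajax_nopriv_ hooks runs for logged-out visitors through admin-ajax.php, and if it deletes whatever post ID the request names without a nonce or capability check, anyone can delete posts. The hook names, the post_id request parameter and the nonce action string below are assumptions for this example; the hardened version beside it shows the checks a handler like this needs.

```php
<?php
// Added example, not code from BePro Listings. The action names
// "demo_delete_post" / "demo_delete_post_secure", the "post_id" and "nonce"
// request parameters and the nonce action string are assumptions.

/*
 * VULNERABLE PATTERN. Registering the same callback on wp_ajax_{action} and
 * wp_ajax_nopriv_{action} makes admin-ajax.php run it for logged-in AND
 * logged-out requests, and nothing here checks who is asking or for what.
 */
function demo_vulnerable_delete_post() {
    $post_id = isset($_POST['post_id']) ? absint($_POST['post_id']) : 0;
    wp_delete_post($post_id, true);   // any visitor can delete any post by ID
    wp_send_json_success();
}
add_action('wp_ajax_demo_delete_post', 'demo_vulnerable_delete_post');
add_action('wp_ajax_nopriv_demo_delete_post', 'demo_vulnerable_delete_post');

/*
 * HARDENED PATTERN. Only logged-in users reach the handler (no nopriv hook),
 * the request must carry a nonce bound to this post (CSRF protection), and
 * the caller must hold the per-post delete_post capability before the
 * deletion runs.
 */
function demo_hardened_delete_post() {
    $post_id = isset($_POST['post_id']) ? absint($_POST['post_id']) : 0;
    if ($post_id === 0) {
        wp_send_json_error('missing post_id', 400);
    }
    // check_ajax_referer() calls wp_die() when the nonce is missing or invalid.
    // The matching nonce is issued with wp_create_nonce('demo_delete_post_' . $post_id).
    check_ajax_referer('demo_delete_post_' . $post_id, 'nonce');
    // Authorization: the meta capability delete_post is mapped by WordPress to
    // delete_posts / delete_others_posts / delete_published_posts as appropriate.
    if (!current_user_can('delete_post', $post_id)) {
        wp_send_json_error('forbidden', 403);
    }
    if (!wp_delete_post($post_id, true)) {
        wp_send_json_error('delete failed', 500);
    }
    wp_send_json_success(['deleted' => $post_id]);
}
add_action('wp_ajax_demo_delete_post_secure', 'demo_hardened_delete_post');
// Deliberately no wp_ajax_nopriv_ registration: logged-out requests get no handler.
```

Note that dropping the nopriv hook on its own is not enough: a handler reachable only by logged-in users but without the current_user_can() check would still let any subscriber-level account delete posts, which is why the capability check is the essential part of the fix.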

3 Jun 2016

Arbitrary File Upload Vulnerability in BePro Listings

One of the ways we make sure that we are providing the best vulnerability data possible to our customers is by monitoring attempts to exploit WordPress plugins on our websites. Now, for the third time in less than a month, this has led to us finding new vulnerabilities being exploited.

This time it started with a request for the file /wp-content/plugins/bepro-listings/css/generic_listings_1.css on this website. That is a file from the plugin BePro Listings, which we don't have installed. Since we don't have it installed there would be no reason for someone to request it under normal circumstances, which usually indicates that someone is checking whether the plugin is installed before trying to exploit a vulnerability in it. Since it isn't installed, we couldn't see what the hacker was looking to exploit in it. [Read more]
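The monitoring described above can be reproduced on any WordPress site's access log: flag requests for files under /wp-content/plugins/<slug>/ where <slug> is not a plugin the site actually runs. The script below is an added example, not code from the original post; the log lines are constructed (Apache combined format, with the one request the post mentions plus filler) and the installed-plugin list is an assumption.

```php
<?php
// Added example, not code from the original post. Log lines are constructed
// and the installed-plugin list is assumed. Requires PHP 7.1+ (nullable types).

$sample_log = [
    '203.0.113.5 - - [03/Jun/2016:10:15:02 +0000] "GET /wp-content/plugins/bepro-listings/css/generic_listings_1.css HTTP/1.1" 404 209 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [03/Jun/2016:10:15:09 +0000] "GET /wp-content/plugins/akismet/_inc/akismet.css?ver=3.1 HTTP/1.1" 200 1422 "http://example.test/" "Mozilla/5.0"',
    '203.0.113.5 - - [03/Jun/2016:10:15:11 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 0 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [03/Jun/2016:10:16:30 +0000] "GET /wp-content/plugins/demo-slider/readme.txt HTTP/1.1" 404 209 "-" "python-requests/2.9"',
];

// Assumed: the plugins this site really has installed (directory slugs).
$installed_plugins = ['akismet', 'plugin-vulnerabilities'];

/**
 * Return the plugin directory slug a request targets, or null when the
 * request is not for a file under /wp-content/plugins/.
 */
function plugin_slug_from_request(string $line): ?string
{
    // Capture the first path segment after /wp-content/plugins/ in the request line.
    if (preg_match('#"(?:GET|POST|HEAD) /wp-content/plugins/([^/?"\s]+)#', $line, $m)) {
        return strtolower($m[1]);
    }
    return null;
}

/**
 * Group requests for plugins that are NOT installed by slug, keeping the
 * source IP of each request. A request for a plugin the site does not run is
 * the "is it installed?" probe the post describes.
 */
function find_plugin_probes(array $log_lines, array $installed_plugins): array
{
    $installed = array_flip($installed_plugins);
    $probes = [];
    foreach ($log_lines as $line) {
        $slug = plugin_slug_from_request($line);
        if ($slug === null || isset($installed[$slug])) {
            continue; // not a plugin request, or a plugin we actually run
        }
        $ip = strtok($line, ' '); // client IP is the first field of the combined format
        $probes[$slug][] = $ip;
    }
    return $probes;
}

$probes = find_plugin_probes($sample_log, $installed_plugins);
foreach ($probes as $slug => $ips) {
    printf("probe for uninstalled plugin %s from %s\n", $slug, implode(', ', array_unique($ips)));
}
```

Run against the constructed lines this reports bepro-listings and demo-slider and ignores the akismet and admin-ajax.php requests. As the post says, a single such request only "usually" indicates a probe, so the slug list is a lead to investigate (what is in that plugin that an attacker would want?) rather than proof of an exploitable flaw; the IP grouping is there to spot the same client coming back for a second file from the same plugin.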