24 Mar 2023

Privilege Escalation Vulnerability in WP Mail Logging

This week Patchstack claimed vaguely that a cross-site request forgery (CSRF) vulnerability had been fixed in the WordPress plugin WP Mail Logging in the most recent version of the plugin. As with another claim of that type of vulnerability this week, we found they appeared to have gotten the details wrong. In this case, the changelog for the version this was supposed to have been addressed in doesn’t have any mention of a security fix. The only thing that seems like it could be a reference to that sort of thing is a claim that they removed the Redux Framework.


24 Feb 2023

Privilege Escalation Vulnerability in Enable Media Replace

The changelog for the latest version of the WordPress plugin Enable Media Replace makes no mention of fixing a security vulnerability, but there was a very minor one fixed. The changes being made in that version were flagged by our machine learning system, which tries to catch security fixes being made without their being disclosed.


4 Nov 2022

Privilege Escalation Vulnerability in Video Thumbnails WordPress Plugin

Earlier this week the WordPress plugin Video Thumbnails was closed on the WordPress Plugin Directory. As that plugin is one of the 1,000 most popular plugins, we were alerted to its closure. No reason has been given for the closure. But there are multiple minor security vulnerabilities in the latest version.

As one example of those vulnerabilities, the functionality for “resetting a video thumbnail” is accessible to anyone logged in to WordPress, instead of only to someone who is editing the relevant post related to a video thumbnail.

17 Oct 2022

Privilege Escalation Vulnerability in BulletProof Security

After seeing possible hacker probing for the WordPress plugin BulletProof Security last week, we checked over it for any easy-to-spot serious vulnerabilities that a hacker might be interested in exploiting. We didn’t find any of those, but we did run across several places where the plugin is not properly secured. Among those, it permits low-level WordPress users to access some of its MScan malware scanner functionality. That could be abused to cause the website to use a lot of server resources.

Like the rest of the plugin’s admin pages, the admin page for MScan is restricted to users with the manage_options capability, so normally only Administrators:

25 May 2022

600,000+ Install WordPress Plugin WP Statistics Isn’t Properly Securing Its Optimization Functionality

Yesterday the JVN released a vague report claiming that a cross-site scripting (XSS) vulnerability had been fixed in version 13.2.0 of the WordPress plugin WP Statistics. There isn’t enough information provided to confirm that there was a vulnerability or that it was fixed.

Confusingly, one of our competitors, Automattic’s WPScan, is citing that report as the source for a claim that a vulnerability was fixed in version 13.2.2 of the plugin: