Without Us Vulnerable Plugins Would Remain in the WordPress.org Plugin Directory
A couple of the important things we do when it comes to vulnerabilities in WordPress plugins came together the other day, providing an example of what would happen if we were not doing them. One of the ways we keep track of what plugin vulnerabilities are out there is to monitor our websites for apparent hacker activity. Through that, we came across a request for the readme.txt of several plugins, including the plugin Gallery Objects, that we didn't have installed. That type of request is usually an indication that hackers are probing for usage of the plugins before attempting to exploit something in them.
While trying to figure out what vulnerability the hacker might be targeting in the plugins, we thought there might be some connection between the vulnerabilities in all of them. After spotting what looked to be SQL injection vulnerabilities in several of them, we took a look at the others to see if they might contain them as well. When we got to Gallery Objects we easily found one. After we had done that, we did a check to see if there were any other vulnerabilities that had previously been disclosed in the plugin and found that the same SQL injection vulnerability we found had already been disclosed in July of 2014, which was before we started collecting data for our service (so our data for that time period is more limited than it is for newer vulnerabilities).
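The signal described above, readme.txt requests for plugins a site does not have installed, can be pulled out of ordinary web server access logs. The following is an added example written for this post, not code from the Plugin Vulnerabilities service; the log lines, IP addresses and the set of installed plugins (other than the Gallery Objects slug) are constructed placeholders, and the three-plugin threshold is an assumed cut-off.

```python
import re

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2024:12:00:01 +0000] "GET /wp-content/plugins/gallery-objects/readme.txt HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2024:12:00:02 +0000] "GET /wp-content/plugins/example-plugin-a/readme.txt HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2024:12:00:02 +0000] "GET /wp-content/plugins/example-plugin-b/readme.txt HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2024:12:00:03 +0000] "HEAD /wp-content/plugins/example-plugin-c/readme.txt HTTP/1.1" 404 0 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2024:12:05:00 +0000] "GET /wp-content/plugins/akismet/readme.txt HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2024:12:05:01 +0000] "GET /index.php HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
"""

# Plugins actually installed on the site (constructed set for the example).
INSTALLED_PLUGINS = {"akismet", "contact-form-7"}

# Matches GET/HEAD requests for a plugin's readme.txt and captures the slug and status.
README_RE = re.compile(
    r'"(?:GET|HEAD) /wp-content/plugins/([^/"\s]+)/readme\.txt(?:\?[^"\s]*)? HTTP/[\d.]+" (\d{3})'
)
CLIENT_RE = re.compile(r"^(\S+)")


def find_plugin_probes(log_text, installed):
    """Return (client_ip, plugin_slug, status) for every readme.txt request
    that targets a plugin which is not installed on this site."""
    probes = []
    for line in log_text.splitlines():
        m = README_RE.search(line)
        if not m:
            continue
        slug, status = m.group(1).lower(), int(m.group(2))
        if slug not in installed:
            probes.append((CLIENT_RE.match(line).group(1), slug, status))
    return probes


def probing_clients(probes, threshold=3):
    """Clients that asked for readme.txt of at least `threshold` distinct
    uninstalled plugins; a single request is weak evidence, a sweep is not."""
    per_ip = {}
    for ip, slug, _status in probes:
        per_ip.setdefault(ip, set()).add(slug)
    return {ip: sorted(slugs) for ip, slugs in per_ip.items() if len(slugs) >= threshold}


if __name__ == "__main__":
    hits = find_plugin_probes(SAMPLE_LOG, INSTALLED_PLUGINS)
    for ip, slugs in probing_clients(hits).items():
        print(f"{ip} probed {len(slugs)} uninstalled plugins: {', '.join(slugs)}")
```

The slugs a flagged client asked for are the list worth checking against vulnerability data, since the attacker has already told you which plugins they expect to find exploitable.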