05 Mar

Is This PHP Object Injection Vulnerability Why a Hacker Would Be Interested in the WordPress Plugin Newletters?

On March 1 we had a request on this website for a file that would be located at wp-content/plugins/newsletters-lite/readme.txt. That is file from the plugin Newsletters and our guess would be that the request was from a hacker probing for usage of the plugin in preparation to try to exploit a vulnerability in it. In looking over the plugin we found a PHP object injection vulnerability that might be what be what a hacker would be interested in exploiting, since that is a type of vulnerability they frequently target.

[Read more]

26 Jun

Cross-Site Request Forgery (CSRF)/Arbitrary File Upload Vulnerability in Newsletters

We recently have been trying to get an idea of how effective it would be to try to proactively catch some vulnerabilities when changes are made to WordPress plugins that include those vulnerabilities. Seeing as arbitrary file upload vulnerabilities are at the top in terms of exploits that seems like one area where it might make sense to focus on, while looking over just several days worth of plugin changes we ran across a related, though much less concerning vulnerability. That being a cross-site request forgery (CSRF)/arbitrary file upload vulnerability in the plugin Newsletters, which would be unlikely to be targeted on a wide scale, but might be used in a targeted attack.

[Read more]