Tag Archives: ProfilePress
WPScan’s False Claim of Vulnerability in ProfilePress
With the recent vulnerabilities in the WordPress plugin ProfilePress (formerly WP User Avatar), we have been ahead of the pack: through our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities, we were the first to identify that the new plugin replacing the previous WP User Avatar plugin was insecure. We also warned about the more serious vulnerabilities nearly a month before other providers. What we didn’t do is what another data provider, WPScan, has done: run with a false report of a vulnerability in the plugin. Here is the description of a claimed authenticated stored XSS vulnerability they added to their data set two days ago:
The plugin did not sanitise or escape some of its settings before saving them and outputting them back in the page, allowing high privilege users such as admin to set JavaScript payloads in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue [Read more]
We Warned About “Easily Exploitable Critical Vulnerabilities” in ProfilePress Nearly a Month Before Other Security Providers
Yesterday Wordfence disclosed vulnerabilities that existed in the WordPress plugin ProfilePress (previously WP User Avatar) that they described as “critical and easily exploitable security issues” that:
made it possible for an attacker to upload arbitrary files to a vulnerable site and register as an administrator on sites even if user registration was disabled, all without requiring any prior authentication [Read more]
Vulnerability Details: Multiple in ProfilePress
Last week we recommended not using the ProfilePress plugin, while discussing some insecure and vulnerable code in it:
…
WP User Avatar/ProfilePress and the Security Implications of Repurposing a WordPress Plugin
Last week one of the most popular WordPress plugins, WP User Avatar, was repurposed to become ProfilePress. Here is how Justin Tadlock at the WordPress Tavern described the change in the plugin:
Instead of a simple, single-purpose custom avatar solution, it is a full-fledged user registration, profile, login, and membership management plugin. [Read more]
Our Proactive Monitoring Caught Reflected XSS Vulnerabilities in a WordPress Plugin With 400,000+ Installs
One way we help to improve the security of WordPress plugins, not just for the customers of our service but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that we caught reflected cross-site scripting (XSS) vulnerabilities in the plugin ProfilePress, which has 400,000+ active installations.
The possibility of these vulnerabilities is also now flagged by our Plugin Security Checker, due to an improvement we made based on these vulnerabilities, so you can check plugins you use to see if they might have similar issues with that tool. The tool flags other possible security issues in the plugin, so we wouldn’t recommend using the plugin unless its security has been more broadly reviewed and corrected. [Read more]