21 Dec 2022

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in Meteor Slides

The WordPress plugin Meteor Slides was closed on the WordPress Plugin Directory yesterday. As at least one customer of ours is using the plugin, we were alerted to the closure. No explanation has been given for the closure, but we found that it contains an authenticated persistent cross-site scripting (XSS) vulnerability, which, according to WPScan, was already found by Lana Codes. The vulnerability is caused by the plugin’s shortcode functionality.

[Read more]

7 Dec 2022

Patchstack Isn’t Verifying Vulnerability Info Being Copied From WPScan’s Inaccurate Data

Yesterday, we noted that the WordPress security provider WPScan isn’t verifying claimed vulnerabilities being added to their data set, despite claiming to do just that. That came in the context of them claiming that there was a vulnerability in a plugin where what they claimed was at issue wasn’t really a vulnerability, while a more serious vulnerability really did exist. That wasn’t a one-off issue.

WPScan recently claimed that the plugin Popup Maker had contained an admin+ stored cross-site scripting vulnerability, which they described this way: [Read more]

5 Dec 2022

Information Disclosure Vulnerability in WordPress Plugin Download Monitor

A recent version of the WordPress plugin Download Monitor had a changelog entry indicating that a security vulnerability might have been fixed: “Fix: Security fix”. Looking at the changes made, it appeared that the developer might have improperly fixed a vulnerability, and further checking confirmed that was the case.

[Read more]

22 Nov 2022

WordPress Security Plugins Contained Fairly Serious Vulnerability Because of Unresolved WordPress Security Issue

Something that should get a lot more attention and raise a lot more questions is why the security industry’s own software and hardware is itself so insecure. That insecurity is a frequent issue with WordPress security plugins. The latest instance of that involves two WordPress security plugins, AntiHacker and StopBadBots, which contained a vulnerability that allowed anyone logged in to WordPress to install any plugin from the WordPress Plugin Directory.

Those plugins come from the same developer and three additional plugins were affected: CarDealer, WP Memory, and wptools. Together, the plugins have at least 22,000+ installs. [Read more]

21 Nov 2022

WordPress Plugins From YITH With Over 1 Million Installs Contained Authenticated Information Disclosure Vulnerability

Recently, 21 WordPress plugins from the developer YITH have been updated with a vague changelog entry stating that they “patched security vulnerability”. The security vulnerability patched allowed anyone logged in to WordPress to view the contents of two log files if they existed on the website. One of those could contain sensitive information, as it would contain information logged for PHP errors. If the functionality had previously been used, then other users could access them as well. The latter issue hasn’t been resolved.

Among the plugins affected are the 900,000+ install YITH WooCommerce Wishlist, 200,000+ install YITH WooCommerce Compare, and two plugins with 100,000+ installs, YITH WooCommerce Ajax Product Filter and YITH WooCommerce Quick View. [Read more]