Injection vulnerabilities in popular WordPress plugin could expose credentials, allow admin access

Jessica Haworth

15 October 2021 at 12:41 UTC

Updated: 15 October 2021 at 13:55 UTC

Fastest Cache is used by more than one million websites

Vulnerabilities in the popular WordPress plugin Fastest Cache could allow an attacker to gain access to credentials and take over an admin account.

The security flaws in the extension, which has more than one million active downloads, were discovered during an internal audit of the software by Jetpack Security.

The first flaw, an SQL injection vulnerability with a CVSS score of 7.7, could grant attackers access to privileged information from an affected site’s database, such as usernames and hashed passwords.

This SQL injection bug can only be exploited if the classic-editor plugin is also installed and activated on the site.

Researchers also found a cross-site scripting (XSS) bug, reachable via a cross-site request forgery (CSRF) flaw, with a CVSS score of 9.6. Exploiting this vulnerability would allow an attacker to perform any action the victim, potentially an admin user, was privileged to perform.


The same research team also discovered that they had the ability to store “rogue JavaScript” on the affected target.

Disclosure

In a blog post, the researchers from Jetpack provided more technical detail on how they were able to demonstrate the attacks. They credited researcher Marc Montpas with the original finding.

A timeline also showed that it took less than five weeks from initial contact with the vendor for the issues to be fixed.

Fastest Cache users are urged to update to the latest version, 0.9.5, to protect against these vulnerabilities.

“We recommend that you check which version of the WP Fastest Cache plugin your site is using, and if it is less than 0.9.5, update it as soon as possible!” the blog reads.
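The version check the researchers recommend can be scripted for sites where WP-CLI is not available, by reading the `Version:` header of the plugin's main file and comparing it with the fixed release 0.9.5 named above. The script below is an added example, not code from the article, from Jetpack or from the plugin; the plugin directory name `wp-fastest-cache` and main file name `wpFastestCache.php` are assumptions, and the sample header file it writes to a temporary directory is constructed for the demonstration.

```shell
#!/bin/sh
# Added example: flag an installed WP Fastest Cache below the fixed version 0.9.5.
# Assumed plugin path (not stated in the article): wp-content/plugins/wp-fastest-cache/wpFastestCache.php
FIXED_VERSION="0.9.5"

# version_lt A B: exit 0 when dotted version A is strictly lower than B.
# Pure POSIX sh so it does not depend on `sort -V`; missing components count as 0.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}
        [ -z "$ai" ] && ai=0
        [ -z "$bi" ] && bi=0
        if [ "$ai" -lt "$bi" ]; then return 0; fi
        if [ "$ai" -gt "$bi" ]; then return 1; fi
        case "$a" in *.*) a=${a#*.};; *) a="";; esac
        case "$b" in *.*) b=${b#*.};; *) b="";; esac
    done
    return 1
}

# plugin_version FILE: print the value of the "Version:" line in a WordPress
# plugin header (lines look like " * Version: 0.9.4"), stripping any CR.
plugin_version() {
    sed -n 's/^[[:space:]*]*Version:[[:space:]]*//p' "$1" | head -n 1 | tr -d '\r'
}

# check_plugin_file FILE: print a verdict; exit 1 if an update is needed,
# 2 if no version header was found, 0 if the installed version is fixed.
check_plugin_file() {
    v=$(plugin_version "$1")
    if [ -z "$v" ]; then
        echo "unknown (no Version header in $1)"
        return 2
    fi
    if version_lt "$v" "$FIXED_VERSION"; then
        echo "update ($v < $FIXED_VERSION)"
        return 1
    fi
    echo "ok ($v)"
    return 0
}

# Constructed sample: a plugin main file carrying a pre-fix version header.
SAMPLE_DIR=$(mktemp -d)
SAMPLE="$SAMPLE_DIR/wpFastestCache.php"
cat > "$SAMPLE" <<'EOF'
<?php
/*
Plugin Name: WP Fastest Cache
Version: 0.9.4
*/
EOF

# Real use: check_plugin_file /var/www/html/wp-content/plugins/wp-fastest-cache/wpFastestCache.php
if check_plugin_file "$SAMPLE"; then
    echo "no action needed"
else
    echo "action needed (exit status $?)"
fi
rm -rf "$SAMPLE_DIR"
```

Because the SQL injection is only reachable when the Classic Editor plugin is also active, a site that cannot update immediately can at least confirm whether that second plugin is installed; the version comparison above is the part that can be done offline from the filesystem.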
