WordPress Cache Plugin Exploit Affects +1 Million Websites

0

Popular WordPress plugin WP Fastest Cache plugin was discovered by Jetpack security researchers to have multiple vulnerabilities that could allow an attacker to assume full administrator privileges. The exploits affect over a million WordPress installations.

WP Fastest Cache Plugin Vulnerabilities Description

WP Fastest Cache is a WordPress plugin used by over a million WordPress websites. The plugin creates a static HTML version of the website.

There are multiple vulnerabilities that were discovered:

  • Authenticated SQL Injection
  • Stored XSS via Cross-Site Request Forgery

Advertisement

Continue Reading Below

Authenticated SQL Injection

The Authenticated SQL Injection allows a logged-in users to access administrator level information through the database.

A SQL Injection vulnerability is an attack that’s directed at the database, which is where the website elements, including passwords, are stored.

A successful SQL Injection attack could lead to a full website takeover.

The Jetpack security bulletin described the seriousness of the vulnerability:

“If exploited, the SQL Injection bug could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).

It can only be exploited if the classic-editor plugin is also installed and activated on the site.”

Advertisement

Continue Reading Below

Stored XSS via Cross-Site Request Forgery

XSS (Cross-site Scripting) vulnerabilities is a somewhat common vulnerability that results from a flaw in how inputs to the website are validated. Anywhere a user can input something to a website, like a contact form, can be vulnerable to an XSS attack if the input isn’t sanitized.

Sanitized means to restrict what can be uploaded to a limited expected input, like text and not scripts or commands. A flawed input allows an attacker to inject malicious scripts that can then be used to attack users who visit the site, like the administrator, and do things like download malicious files to their browser or intercept their credentials.

Cross Site Request Forgery is when an attacker tricks a user, like a logged-in administrator, to visit the site and execute various actions.

These vulnerabilities depend on the classic-editor plugin being installed and that the attacker has some kind of user authentication, which makes it harder to exploit.

But these vulnerabilities are still serious and Jetpack recommends users upgraded their plugin to at least version 0.95 of WP Fastest Cache.

WP Fastest Cache version 0.95 was released on October 14, 2021.

According to Jetpack:

“If exploited, the SQL Injection bug could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).

Successfully exploiting the CSRF & Stored XSS vulnerability could enable bad actors to perform any action the logged-in administrator they targeted is allowed to do on the targeted site.”

Advertisement

Continue Reading Below

Jetpack Security Research Warning

The security researchers at Jetpack recommend that all users of WP Fastest Cache WordPress plugin updated their plugin right away.

The Jetpack security researchers posted:

“We recommend that you check which version of the WP Fastest Cache plugin your site is using, and if it is less than 0.9.5, update it as soon as possible!”

Citation

Read the Jetpack Security Announcement About WP Fastest Cache Plugin

Multiple Vulnerabilities in WP Fastest Cache Plugin

if( typeof sopp !== "undefined" && sopp === 'yes' ){ fbq('dataProcessingOptions', ['LDU'], 1, 1000); }else{ fbq('dataProcessingOptions', []); }

fbq('init', '1321385257908563');

fbq('track', 'PageView');

fbq('trackSingle', '1321385257908563', 'ViewContent', { content_name: 'wp-fastest-cache-vulnerability', content_category: 'news wp ' });

FOLLOW US ON GOOGLE NEWS

 

Read original article here

Denial of responsibility! Search Engine Codex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

0
205 posts 0 comments
You might also like More from author
Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More