Vulnérabilité WordPress Plugins avril 2021

Dernières failles de sécurité plugins et WordPress

Plusieurs nouvelles vulnérabilités de plugins et de thèmes WordPress ont été révélées au cours de mars 2021, nous voulons donc vous tenir au courant. Dans cet article, nous abordons les vulnérabilités de plugins et de thèmes WordPress récents

Il faut rapidement,  vérifier les mises à jour de ces plugins/thèmes. Si aucune mise à jour, vous devez les supprimer de votre installation WordPress !.

• WordPress Core Vulnerabilities
  • WordPress 5.6-5.7 – Authenticated XXE Within the Media Library Affecting PHP 8
    
  • WordPress 4.7-5.7 – Authenticated Password Protected Pages Exposure
    

  
  WordPress Plugin Vulnerabilities

  • Download Manager < 3.1.19 – Authenticated (author+) PHP4 File Upload to RCE
    
  • Download Manager < 3.1.22 – Plugin Settings Change via CSRF
    
  • Download Manager < 3.1.23 – Unauthorised Asset Manager Usage
    
  • Give WP < 2.10.4 – Authenticated Stored Cross-Site Scripting (XSS)
    
  • AcyMailing < 7.5.0 – Unauthenticated Open Redirect
    
  • WPGraphQL <= 1.3.5 – Denial of Service
    
  • WP Fastest Cache < 0.9.1.7 – Authenticated Arbitrary File Deletion via Path Traversal
    
  • Happy Addons for Elementor Free < 2.24.0 and Pro < 1.17.0 – Contributor+ Stored XSS
    
  • Store Locator Plus <= 5.5.14 – Authenticated Privilege Escalation
    
  • Store Locator Plus <= 5.5.15 – Unauthenticated Stored Cross-Site Scripting (XSS)
    
  • Car Seller – Auto Classifieds Script <= 2.1.0 – Unauthenticated SQL Injection
    
  • Software License Manager < 4.4.6 – CSRF to Stored XSS
    
  • Select All Categories and Taxonomies < 1.3.2 – Reflected Cross-Site Scripting (XSS)
    
  • Redirect 404 to Parent < 1.3.1 – Reflected Cross-Site Scripting (XSS)
    
  • Multiple WP-Buy Plugins – Arbitrary Plugin Installation/Activation via Low Privilege User
    
  • Multiple WP-Buy Plugins – Arbitrary Plugin Installation/Activation via CSRF
    
  • Woocommerce < 5.2.0 – Authenticated Stored Cross-Site Scripting (XSS)
    
  • iThemes Security Free (< 7.9.1) & Pro (< 6.8.4) – Hide Backend Bypass
    
  • RSS for Yandex Turbo < 1.30 – Authenticated Stored Cross-Site Scripting (XSS)
    
  • Accordion < 2.2.30 – Authenticated Reflected Cross-Site Scripting (XSS)
    
  • Kaswara Modern VC Addons (0-day) – Unauthenticated Arbitrary File Upload
    
  • Redirection for Contact Form 7 < 2.3.4 – Unprotected AJAX Actions
    
  • Redirection for Contact Form 7 < 2.3.4 – Authenticated Arbitrary Post Deletion
    
  • Redirection for Contact Form 7 < 2.3.4 – Authenticated PHP Object Injection
    
  • Redirection for Contact Form 7 < 2.3.4 – Authenticated Arbitrary Plugin Installation
    
  • Redirection for Contact Form 7 < 2.3.4 – Unauthenticated Arbitrary Nonce Generation
    
  • Photo Gallery < 1.5.69 – Multiple Reflected Cross-Site Scripting (XSS)
    
  • Contact Form by Supsystic < 1.7.15 – Reflected Cross-Site scripting (XSS)
    
  • Popup by Supsystic < 1.10.5 – Reflected Cross-Site scripting (XSS)
    
  • Ultimate Maps by Supsystic < 1.2.5 – Reflected Cross-Site scripting (XSS)
    
  • WordPress Download Manager < 3.1.18 – Unauthorised Download Duplication
    
  • 404 SEO Redirection <= 1.3 – CSRF to Stored Cross-Site Scripting (XSS)
    
  • 404 SEO Redirection <= 1.3 – Reflected Cross-Site Scripting (XSS)
    
  • All 404 Redirect to Homepage < 1.21 – Reflected Cross-Site Scripting (XSS)
    
  • SEO Redirection < 6.4 – Authenticated Stored Cross-Site Scripting (XSS)
    
  • Edwiser Bridge < 2.0.7 – CSRF Nonce Bypass
    
  • Outdated php-mod/curl Library – Unauthenticated Reflected Cross-Site Scripting (XSS)
    
  • Easy Digital Downloads < 2.10.3 – Unauthorised Stripe Disconnect via CSRF
    
  • Clever Addons for Elementor < 2.1.0 – Contributor+ Stored XSS
    
  • User Rights Access Manager < 1.0.4 – Improper Access Controls
    
  • Fitness Calculators < 1.9.6 – Cross-Site Request Forgery to Cross-Site Scripting (XSS)
    
  • BuddyPress < 7.3.0 – Multiple Authenticated REST API Vulnerabilities
    
  • Ultimate Addons for Elementor < 1.30.0 – Contributor+ Stored XSS
    
  • DethemeKit For Elementor < 1.5.5.5 – Contributor+ Stored XSS
    
  • Sina Extension for Elementor < 3.3.12 – Contributor+ Stored XSS
    
  • JetWidgets For Elementor < 1.0.9 – Contributor+ Stored XSS
    
  • All-in-One Addons for Elementor – WidgetKit < 2.3.10 – Contributor+ Stored XSS
    
  • The Plus Addons for Elementor Page Builder Lite < 2.0.6 – Contributor+ Stored XSS
    
  • Rife Elementor Extensions & Templates < 1.1.6 – Contributor+ Stored XSS
    
  • Image Hover Effects – Elementor Addon < 1.3.4 – Contributor+ Stored XSS
    
  • PowerPack Addons for Elementor < 2.3.2 – Contributor+ Stored XSS
    
  • WooLentor – WooCommerce Elementor Addons + Builder < 1.8.6 – Contributor+ Stored XSS
    
  • HT Mega – Absolute Addons for Elementor Page Builder < 1.5.7 – Contributor+ Stored XSS
    
  • Livemesh Addons for Elementor < 6.8 – Contributor+ Stored XSS
    
  • Elementor Addon Elements < 1.11.2 – Contributor+ Stored XSS
    
  • ElementsKit and ElementsKit Pro < 2.2.0 – Contributor+ Stored XSS
    
  • Premium Addons for Elementor < 4.2.8 – Contributor+ Stored Cross-Site Scripting (XSS)
    
  • Elementor – Header, Footer & Blocks Template < 1.5.8 – Contributor+ Stored XSS
    
  • Essential Addons for Elementor < 4.5.4 – Contributor+ Stored Cross-Site Scripting (XSS)
    
  • Business Directory Plugin < 5.11.2 – Arbitrary Payment History Update
    
  • Business Directory Plugin < 5.11.2 – Arbitrary Listing Export
    
  • Business Directory Plugin < 5.11.2 – Authenticated Stored Cross-Site Scripting
    
  • College Publisher Import <= 0.1 – Arbitrary File Upload to RCE
    
  • Business Directory Plugin < 5.11.1 – Authenticated PHP4 Upload to RCE
    
  • Business Directory Plugin < 5.11.1 – Arbitrary Add/Edit/Delete Form Field to Stored XSS
    
  • Business Directory Plugin < 5.11 – Arbitrary File Upload to RCE
    
  • Classyfrieds <= 3.8 – Authenticated Arbitrary File Upload to RCE
    
  • Event Banner <= 1.3 – Arbitrary File Upload to RCE
    
  • Contact Form Check Tester <= 1.0.2 – Broken Access Control to Cross-Site Scripting (XSS)
    
  • Larsens Calender <= 1.2 – Stored Cross-Site Scripting (XSS)
    
  • WorkScout Core < 1.3.4 – Authenticated Stored XSS & XFS
    
  • Imagements <= 1.2.5 – Unauthenticated Arbitrary File Upload to RCE
    
  • Stop Spammers < 2021.9 – Reflected Cross-Site Scripting (XSS)
    
  • OpenID Connect Generic Client 3.8.0-3.8.1 – Reflected Cross Site Scripting (XSS) via Login Error
    
  • WPBakery Page Builder Clipboard < 4.5.8 – Unauthorised Arbitrary License Options Update
    
  • Simple Membership < 4.0.4 – Authenticated SQL Injections
    
  • Tutor LMS < 1.8.8 – Authenticated Local File Inclusion
    
  • WPBakery Page Builder Clipboard < 4.5.6 – Subscriber+ Stored Cross-Site Scripting (XSS)
    
  • Pie Register < 3.7.0.1 – Reflected Cross-Site Scripting (XSS)
    
  • Business Hours Pro <= 5.5.0 – Unauthenticated Arbitrary File Upload to RCE
    
  • Erident Custom Login and Dashboard < 3.5.9 – Authenticated Stored Cross-Site Scripting (XSS)
    

  
  WordPress Theme Vulnerabilities

  • Goto < 2.1 – Unauthenticated Blind SQL Injection
    
  • WorkScout Core < 1.3.4 – Authenticated Stored XSS & XFS
    

Ce qu’il faut faire

Les vulnérabilités n’ont pas été corrigées. Gardez un œil sur le journal des modifications pour une mise à jour qui inclut un correctif.

La maintenance de votre site WordPress permet des mises à jour régulières afin d’éviter les bugs et les problèmes de piratage.

Nous solutions de maintenance WordPress à partir de 34€ ht/ mois 

source : WPScan