Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins - SC Media
Three high-severity vulnerabilities in leading WordPress plug-ins are being exploited through unauthenticated cross-site scripting (XSS) attacks that let attackers inject malicious scripts, researchers observed.
The bugs could potentially impact nearly 6 million WordPress installations, so security pros advised taking them seriously.
In a May 29 blog post, Fastly researchers said the attack payloads they observed inject a script tag that points to an obfuscated JavaScript file hosted on an external domain.
The researchers said the script used to target each of the bugs was identical and focused on the following malicious actions: creating a new admin account, injecting backdoors, and setting up tracking scripts, apparently to monitor infected sites.
The first bug – CVE-2024-2194 – affected WPStatistics, which has more than 600,000 installations. The second bug – CVE-2023-6961 – hit the WP Meta SEO plug-in, which has more than 20,000 installations. And finally, CVE-2023-40000 hit the LiteSpeed Cache plug-in, which has well over 5 million installations.
Adam Neel, threat detection engineer at Critical Start, said these WordPress bugs let attackers steal admin credentials via XSS. Neel added that WordPress admins have capabilities that security teams would not want in the hands of an attacker, such as removing other users, deleting pages, and being able to see all backend content.
“This is a wealth of information and power for attackers to have, so it’s imperative for website administrators to update the vulnerable plugins,” said Neel. “Ensure all WordPress plugins are updated to the latest versions.”
Lionel Litty, chief security architect at Menlo Security, added that there are mechanisms to mitigate the impact of this type of stored XSS vulnerability, namely the Content Security Policy header. Unfortunately, Litty said too few web servers have this deployed and even the ones that do often have a policy that is too lax to be effective.
“This is a good reminder to examine the sensitive web applications you are using to see if they have adequate hardening in place,” said Litty. “If they don't, ask your vendor about it.”
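As an added example (not from the article, nor code from Fastly, Critical Start or Menlo Security), the Python checker below parses a Content-Security-Policy header, reports the lax settings Litty warns about, and evaluates whether an external script such as the injected one described above would be permitted to load on a given page. The domain names and policies in it are constructed placeholders; it matches hosts, schemes and ports but omits CSP path matching.

```python
"""Evaluate a Content-Security-Policy header against an injected external script.

Added example, not from the article. Domains and policies are constructed;
CSP path matching is deliberately omitted to keep the checker short.
"""
from __future__ import annotations

from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def parse_csp(header: str) -> dict[str, list[str]]:
    """Parse a CSP header into {directive: [sources]}; a repeated directive is ignored,
    which is how browsers treat duplicates."""
    policy: dict[str, list[str]] = {}
    for part in header.split(";"):
        tokens = part.strip().split()
        if tokens and tokens[0].lower() not in policy:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def _host_source_matches(source: str, script, page) -> bool:
    """Match a host-source expression (e.g. https://cdn.example.net, *.example.net)."""
    if "://" in source:
        parsed = urlsplit(source)
        scheme, netloc = parsed.scheme, parsed.netloc
    else:  # no scheme given: the page's scheme applies
        scheme, netloc = page.scheme, source.split("/", 1)[0]
    host, _, port = netloc.partition(":")
    # http: sources also authorise https (scheme upgrade), never the reverse
    if scheme != script.scheme and not (scheme == "http" and script.scheme == "https"):
        return False
    script_port = script.port or DEFAULT_PORTS.get(script.scheme)
    if port and port != str(script_port):
        return False
    script_host = (script.hostname or "").lower()
    if host.startswith("*."):
        return script_host.endswith(host[1:])  # *.example.net does not match example.net
    return script_host == host


def script_allowed(header: str, script_url: str, page_url: str) -> bool:
    """True if a browser enforcing `header` would load `script_url` on `page_url`."""
    policy = parse_csp(header)
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return True  # nothing governs scripts: the injected tag loads
    low = [s.lower() for s in sources]
    if low == ["'none'"]:
        return False
    script, page = urlsplit(script_url), urlsplit(page_url)
    for source in low:
        if source == "*":
            return script.scheme in ("http", "https")
        if source == "'self'":
            if (script.scheme, script.netloc.lower()) == (page.scheme, page.netloc.lower()):
                return True
        elif source.startswith("'"):
            continue  # nonce-, sha256-, unsafe-inline etc. never authorise a URL
        elif source.endswith(":") and "/" not in source:
            if script.scheme == source[:-1] or (source == "http:" and script.scheme == "https"):
                return True
        elif _host_source_matches(source, script, page):
            return True
    return False


def weak_settings(header: str) -> list[str]:
    """Flag the lax script settings that make a CSP ineffective against stored XSS."""
    policy = parse_csp(header)
    findings: list[str] = []
    sources = policy.get("script-src")
    if sources is None:
        sources = policy.get("default-src")
        if sources is None:
            return ["no script-src or default-src: any injected script loads"]
        findings.append("script-src missing; falling back to default-src")
    low = [s.lower() for s in sources]
    if "*" in low:
        findings.append("script-src allows '*': scripts from any origin load")
    if "'unsafe-inline'" in low and not any(s.startswith(("'nonce-", "'sha")) for s in low):
        findings.append("script-src allows 'unsafe-inline': injected inline scripts run")
    for s in low:
        if s.endswith(":") and "/" not in s:
            findings.append(f"script-src allows whole scheme {s}: any {s[:-1]} host loads")
    return findings


if __name__ == "__main__":
    # Constructed policies: the first is the kind of lax header Litty describes.
    lax = "default-src *; script-src * 'unsafe-inline'"
    strict = "default-src 'self'; script-src 'self' https://cdn.example.net"
    page = "https://blog.example.com/"
    injected = "https://external.example/obfuscated.js"  # constructed placeholder
    for name, header in (("lax", lax), ("strict", strict)):
        print(name, "allows injected script:", script_allowed(header, injected, page))
        print(name, "findings:", weak_settings(header))
```

The strict policy blocks the externally hosted script while still allowing the site's own scripts and a named CDN; the lax one passes everything, which is the "too lax to be effective" case Litty describes.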
Critical Start’s Neel recommended the following remediation steps for security pros to consider: