Critical zero-days found in three popular WordPress plugins

News by Robert Abel

Critical zero-day vulnerabilities in three popular Wordpress plug-ins could allow attackers to completely take over a vulnerable site.

Also in:

Critical zero-day vulnerabilities in three popular Wordpress plug-ins could allow attackers to completely take over a vulnerable site.

Wordfence researchers spotted the previously unknown vulnerabilities in the Appointments plug-in by Dev, Flickr Gallery plug-in by Dan Coulter and the RegistrationMagic-Custom Registration Forms plug-in by CMSHelpLive, according to a 2 October blog post.

“The exploits were elusive: a malicious file seemed to appear out of nowhere, and even sites with access logs only showed a POST request to /wp-admin/admin-ajax.php at the time the file was created,” researchers said in the blog post.

Researchers said the vulnerability allowed attackers to cause a vulnerable website to fetch a remote file (a PHP backdoor) and save it to a location of their choice and required no authentication or elevated privileges.

To compromise sites running Flickr Gallery, attackers only needed to send the exploit as a POST request to the site's root URL, while with the other two plugins the request would go to admin-ajax.php to compromise the systems. Researchers immediately notified the plugin authors and all three have published updates to fix the systems.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events