WordPress vulnerability roundup for May 2020
This roundup is kindly provided by the WPVulnDB service, to whom special thanks are due.
Vulnerable WordPress plugins
- Multi Scheduler <= 1.0.0 — Arbitrary Record Deletion via CSRF
- MapPress Maps < 2.54.6 — Improper Capability Checks in AJAX Calls
- bbPress < 2.6.5 — Authenticated Stored Cross-Site Scripting via the forums list table
- bbPress 2.6-2.6.5 — Authenticated Privilege Escalation via the Super Moderator feature
- bbPress < 2.6.5 — Unauthenticated Privilege Escalation when New User Registration enabled
- Final Tiles Gallery < 3.4.19 — Authenticated Stored Cross-Site Scripting (XSS)
- Page Builder: PageLayer — Drag and Drop website builder < 1.1.2 — CSRF leading to XSS
- Page Builder: PageLayer — Drag and Drop website builder < 1.1.2 — Unprotected AJAX’s leading to XSS
- Drag and Drop Multiple File Upload for Contact Form 7 < 1.3.3.3 — Unauthenticated File Upload Bypass
- Form Maker by 10Web <= 1.13.35 — Authenticated SQL Injection
- Official MailerLite Sign Up Forms < 1.4.5 — Multiple CSRF Issues
- Official MailerLite Sign Up Forms < 1.4.4 — Unauthenticated SQL Injection
- Add-on SweetAlert Contact Form 7 < 1.0.8 — Authenticated Stored Cross-Site Scripting (XSS)
- ThirstyAffiliates < 3.9.3 — Authenticated Stored XSS
- WP Frontend Profile < 1.2.2 — CSRF Check Incorrectly Implemented
- Paid Memberships Pro < 2.3.3 — Authenticated SQL Injection
- Ajax Load More < 5.3.2 — Authenticated SQL Injection
- Visual Composer < 27.0 — Multiple Authenticated Cross-Site Scripting Issues
- Team Members < 5.0.4 — Authenticated Stored Cross-Site Scripting (XSS)
- Photo Gallery by 10Web < 1.5.55 — Unauthenticated SQL Injection
- WP Product Review < 3.7.6 — Unauthenticated Stored Cross-Site Scripting (XSS)
- Login/Signup Popup < 1.5 — Authenticated Stored Cross-Site Scripting (XSS)
- Site Kit by Google < 1.8.0 — Privilege Escalation to gain Search Console Access
- Easy Testimonials < 3.6 — Authenticated Stored Cross-Site Scripting (XSS)
- WooCommerce < 4.1.0 — Unescaped Metadata when Duplicating Products
- Page Builder by SiteOrigin < 2.10.16 — CSRF to Reflected Cross-Site Scripting (XSS)
- Chopslider <= 3.4 — Unauthenticated Blind SQL Injection
- Iframe < 4.5 — Authenticated Stored Cross-Site Scripting (XSS)
- Ultimate Addons for Elementor < 1.24.2 — Registration Bypass
- Elementor Pro < 2.9.4 — Authenticated Arbitrary File Upload
- Elementor < 2.9.8 — SVG Sanitizer Bypass leading to Authenticated Stored XSS
- Advanced Order Export For WooCommerce < 3.1.4 — Authenticated Cross-Site Scripting (XSS)
- WTI Like Post <= 1.4.5 — Authenticated Stored Cross-Site Scripting (XSS)
Vulnerable WordPress themes
Source: WPVulnDB.