Overview of WordPress vulnerabilities for December 2020
This overview was kindly provided by the WPVulnDB service, to whom special thanks are due.
Vulnerable WordPress plugins
- Site Offline < 1.4.4 — Multiple Cross-Site Request Forgery
- Newsletter Manager <= 1.5.1 — Unauthenticated Insecure Deserialisation
- LiteSpeed Cache < 3.6.1 — Authenticated Stored Cross-Site Scripting
- WP Postratings < 1.86.1 — Authenticated Stored Cross-Site Scripting
- Envira Gallery Lite < 1.8.3.3 — Authenticated Stored Cross-Site Scripting
- Simple Social Buttons < 3.2.1 — Unauthenticated Reflected Cross-Site Scripting
- Simple Social Buttons < 3.2.0 — Reflected Cross-Site Scripting
- Contact Form 7 < 5.3.2 — Unrestricted File Upload
- Redux Framework 4.1.22 — 4.1.23 — CSRF Nonce Validation Bypass
- Redux Framework < 4.1.21 — CSRF Nonce Validation Bypass
- Limit Login Attempts Reloaded < 2.17.4 — Login Rate Limiting Bypass
- Limit Login Attempts Reloaded < 2.16.0 — Authenticated Reflected Cross-Site Scripting
- Total Upkeep by BoldGrid < 1.14.10 — Unauthenticated Backup Download
- Total Upkeep by BoldGrid < 1.14.10 — Sensitive Data Disclosure (Server IP Address, UID etc)
- Directories Pro < 1.3.46 — Authenticated Self-Reflected Cross-Site Scripting
- Directories Pro < 1.3.46 — Authenticated Reflected Cross-Site Scripting
- Ultimate Category Excluder < 1.2 — Cross-Site Request Forgery
- Pagelayer < 1.3.5 — Multiple Reflected Cross-Site Scripting (XSS)
- DiveBook <= 1.1.4 — Unauthenticated SQL Injection
- DiveBook <= 1.1.4 — Unauthenticated Reflected XSS
- DiveBook <= 1.1.4 — Improper Authorisation Check
- Easy WP SMTP < 1.4.3 — Debug Log Disclosure
- Themify Portfolio Post < 1.1.6 — Authenticated Stored Cross-Site Scripting
- Profile Builder & Profile Builder Pro < 3.3.3 — Authenticated Blind SQL Injection
Vulnerable WordPress themes
- ListingPro < 2.6.1 — Unauthenticated Sensitive Data Disclosure (Usernames, Emails etc)
- ListingPro < 2.6.1 — Unauthenticated Arbitrary Plugin Installation/Activation/Deactivation