WordPress Plugins- High Severity Vulnerabilities


1. Advisory: Real-Time Find and Replace plugin in WordPress

Risk : High

Description: The BtCIRT would like to inform the general public about a new vulnerability found in the Real-Time Find and Replace plugin for WordPress, discovered by security researchers. This vulnerability, if exploited, can lead to Cross-Site Request Forgery (CSRF), which in turn enables Stored Cross-Site Scripting (Stored XSS). It can allow an attacker to perform malicious activities such as creating rogue administrative user accounts, stealing session cookies, or redirecting users to a malicious site. The flaw impacts all versions up to 3.9.

Recommendation : WordPress site administrators and owners using the affected product are advised to secure their websites by updating to the latest version (4.0.2) immediately.

2. Advisory: WordPress media-library-assistant plugin up to 2.81

Risk : High

Description: This vulnerability resides in the media-library-assistant plugin for WordPress in versions up to 2.81, due to improper security controls. A remote attacker could exploit this vulnerability by manipulating the tax_query, meta_query, or data_query arguments passed as parameters to the mla_gallery function of the affected system.

Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code with elevated privileges on the targeted system.

Recommendation : Update the media-library-assistant plugin to version 2.82 or later.
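Both advisories come down to the same administrative check: is the installed plugin version still inside the vulnerable range? The script below is an added example for site administrators, not BtCIRT's text and not code from either plugin. It compares a plugin inventory against the first fixed releases named above (4.0.2 and 2.82). The slug `media-library-assistant` is taken from the advisory; the slug `real-time-find-and-replace` is an assumption, since the page names the plugin but not its wordpress.org slug. The inventory at the bottom is constructed sample data, with a comment showing how to build a real one with WP-CLI.

```shell
#!/bin/sh
# Added example (not BtCIRT's advisory text nor the plugins' own code): audits a
# plugin inventory against the first fixed releases named in the two advisories.
# Assumption: the wordpress.org slug "real-time-find-and-replace" (the page names
# the plugin, not its slug); "media-library-assistant" comes from the page.

# fixed_version SLUG: prints the first non-vulnerable release for SLUG,
# or returns 1 when SLUG is not covered by these advisories.
fixed_version() {
  case "$1" in
    real-time-find-and-replace) echo 4.0.2 ;;   # CSRF -> stored XSS, affects <= 3.9
    media-library-assistant)    echo 2.82 ;;    # mla_gallery query args, affects <= 2.81
    *) return 1 ;;
  esac
}

# version_lt A B: returns 0 when dotted numeric version A is lower than B.
# Missing components count as 0 (so 4.0 < 4.0.2); pre-release suffixes are
# not handled, which is enough for the plain x.y.z numbers in the advisories.
version_lt() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai="${a%%.*}"; bi="${b%%.*}"
    if [ "$a" = "$ai" ]; then a=""; else a="${a#*.}"; fi
    if [ "$b" = "$bi" ]; then b=""; else b="${b#*.}"; fi
    ai="${ai:-0}"; bi="${bi:-0}"
    [ "$ai" -lt "$bi" ] && return 0
    [ "$ai" -gt "$bi" ] && return 1
  done
  return 1   # versions are equal
}

# check_plugin SLUG INSTALLED FIXED: prints one report line; returns 0 when
# the installed version is still in the vulnerable range, 1 when it is fixed.
check_plugin() {
  if version_lt "$2" "$3"; then
    printf 'UPDATE REQUIRED  %-28s installed %-7s fixed in %s\n' "$1" "$2" "$3"
    return 0
  fi
  printf 'ok               %-28s installed %s\n' "$1" "$2"
  return 1
}

# audit_inventory INVENTORY: INVENTORY holds "slug version" lines. Reports each
# covered plugin and returns the number needing an update (0 = all clean), so a
# deployment step or cron job can gate on the exit status.
audit_inventory() {
  n=0
  while read -r slug ver; do
    [ -z "$slug" ] && continue
    fixed=$(fixed_version "$slug") || continue   # not in scope of these advisories
    if check_plugin "$slug" "$ver" "$fixed"; then n=$((n + 1)); fi
  done <<EOF
$1
EOF
  return "$n"
}

# Constructed sample inventory, not data from a real site. On a live site
# (assumes WP-CLI on PATH) build the same "slug version" lines with:
#   wp plugin list --fields=name,version --format=csv | tail -n +2 | tr ',' ' '
SAMPLE_INVENTORY='real-time-find-and-replace 3.9
media-library-assistant 2.82
some-unrelated-plugin 1.0'

audit_inventory "$SAMPLE_INVENTORY" || echo "plugins needing an update: $?"
```

With the sample inventory the script flags Real-Time Find and Replace 3.9 and accepts media-library-assistant 2.82; the unrelated plugin is skipped because it is not covered by either advisory. The nonzero exit status is deliberate so the check can fail a pipeline rather than only print.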