Categories
Security

Outdated Duplicator Plugin RCE Abused


We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting their wp-config.php file.

These cases are all linked to the same vulnerable software: WordPress Duplicator Plugin.

Versions of the Snap Creek Duplicator plugin lower than 1.2.42 are vulnerable to a Remote Code Execution attack, where a malicious visitor is able to run arbitrary code on the target site.

Continue reading Outdated Duplicator Plugin RCE Abused at Sucuri Blog.


WordPress Update – 4.9.7 Security & Maintenance Release


The WordPress team has just released a critical security and maintenance update to resolve a number of bugs and security issues.

Included in this release is a patch that protects against a vulnerability allowing bad actors to delete files from your site. If certain circumstances are met, this vulnerability may be enough for an attacker to completely take control of your website.

Are You at Risk?

If you don’t have automatic updates enabled or are using WordPress version 4.9.6 or earlier, your site may be vulnerable to this security issue originally reported by Slavco.



SQLi Vulnerability in YITH WooCommerce Wishlist


As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and potential customers to make wish lists containing products in the WooCommerce store, and is currently installed on 500,000+ websites.

Are You at Risk?

This vulnerability is caused by the lack of sanitization of user-provided data in versions below 2.2.0.



SQL Injection in bbPress


During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability affecting bbPress. If the proper conditions are met, this vulnerability is very easy to abuse by any visitor to the victim’s website.

Because details about this vulnerability were made public today in a HackerOne report, and updating to the latest version of WordPress fixes the root cause of the problem, we chose to disclose this bug and make the details public.
