Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42869
  • Total Topics: 16078
  • Online Today: 3841
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: A Backdoored WordPress Plugin and 3 Additional Vulnerabilities  (Read 2464 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
A Backdoored WordPress Plugin and 3 Additional Vulnerabilities

We have several plugin vulnerabilities we’d like to bring to your attention this week.

First up is a backdoor that was added to the Custom Content Type Manager plugin. The backdoor was added by a malicious coder who gained access to the plugin code in the official WordPress plugin repository.

It’s unclear whether the plugin author’s credentials were stolen or whether the malicious actor was granted access. The WordPress security team removed the malicious user account that added the backdoor to the plugin. They have also removed all malicious code that was added to the plugin and updated the version number so that users running this plugin will be prompted to upgrade.

If you are using Custom Content Type Manager, you will need to take the following steps to remove any infection and install the updated non-backdoored version of the plugin.

1. Update to version 0.9.8.9 of Custom Content Type Manager
2. The malicious code in this plugin installed a backdoor in WordPress core files. So run a Wordfence scan on your site to check the integrity of your core files. The free version of Wordfence will do this.  Make sure the option to compare your core files against the official WordPress versions is enabled. In the scan results, make sure that the following three files are not modified. ◦wp-login.php
◦wp-admin/user-edit.php
◦wp-admin/user-new.php

3. If any of the above files are modified, you can use Wordfence to repair them.
4. Change the passwords of all your users.
5. Delete any user accounts you don’t recognize. Check admin accounts in particular.
6. If a file called wp-options.php exists in your home directory, remove it.

The SP Projects and Document Manager plugin  version 2.5.9.6 has multiple vulnerabilities including file upload, code execution, sql injection and XSS. Update to to version 2.6.1.1 immediately which contains the vendor released fixes and is the newest version.

If you are running Easy Digital Downloads, ensure you’ve updated to at least version 2.5.8 which fixes an object injection vulnerability. The current version is 2.5.9. The vulnerability was disclosed within the past week.

A vulnerability was publicly disclosed in the Bulk Delete plugin earlier this month that allows unprivileged users to delete pages or posts. The vendor has already released a fix so make sure that if you’re using the Bulk Delete Plugin, you’ve updated to version 5.5.4 which is the latest version.

That concludes our vulnerability roundup for this week. Please share this with the larger WordPress community to help create awareness of these issues.


Original article: https://www.wordfence.com/blog/2016/03/backdoored-wordpress-plugin-vuln-roundup/?utm_source=list&utm_medium=email&utm_campaign=bdr1
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising