Podcast Episode 47: Staying Secure through Community Cooperation with GiveWP’s Matt Cromwell

https://www.wordfence.com/blog/2019/09/podcast-episode-47-staying-secure-through-community-cooperation-with-givewps-matt-cromwell/
At WordCamp Sacramento, Matt Cromwell from GiveWP talked with us about how Give began, their mission of democratizing generosity, and how they handled the vulnerability disclosure from the Wordfence team. When our security researchers reached out to provide a proof of concept, the Give and Wordfence teams worked together to ensure that the vulnerability was patched in the safest way possible. Matt also tells us how he got involved with WordPress and how he gives back to the community through the Advanced WordPress Facebook group with over 30,000 members. You can read more about our research on the authentication bypass […]

Authentication Bypass Vulnerability in GiveWP Plugin

https://www.wordfence.com/blog/2019/09/authentication-bypass-vulnerability-in-givewp-plugin/
Description: Authentication Bypass with Information Disclosure
CVSS v3.0 Score: 7.5 (High)
CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Plugin: GiveWP
Plugin Slug: give
Affected Versions: <= 2.5.4
Patched Version: 2.5.5

A few weeks ago, our Threat Intelligence team discovered a vulnerability present in GiveWP, a WordPress plugin installed on over 70,000 websites. The weakness allowed unauthenticated users to bypass API authentication methods and potentially access personally identifiable user information (PII) like names, addresses, IP addresses, and email addresses which should not be publicly accessible. We privately disclosed the issue to the plugin’s developers on September 3rd, who were quick to respond and released a patch shortly after. Wordfence Premium customers received a […]

Podcast Episode 46: Zero Day Vulnerability in Rich Reviews Plugin Exploited In The Wild

https://www.wordfence.com/blog/2019/09/podcast-episode-46-zero-day-vulnerability-in-rich-reviews-plugin-exploited-in-the-wild/
We chat with Mikey Veenstra about the Wordfence Threat Intelligence team’s work tracking a series of active attacks on an unpatched vulnerability in the Rich Reviews plugin for WordPress. The plugin has an estimated 16,000 installations; attackers are targeting unauthenticated plugin option updates, which can be used to deliver stored cross-site scripting (XSS) payloads. Mikey explains how this works and what users of Rich Reviews can do to protect themselves. Podcast recorded September 24, 2019. Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast. Click here to download an MP3 version of […]

Zero Day Vulnerability in Rich Reviews Plugin Exploited In The Wild

https://www.wordfence.com/blog/2019/09/rich-reviews-plugin-vulnerability-exploited-in-the-wild/
Description: XSS Via Unauthenticated Plugin Options Update
Affected Plugin: Rich Reviews
Affected Versions: <= 1.7.4
CVSS Score: 8.3 (High)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

The Wordfence Threat Intelligence team is tracking a series of attacks against an unpatched vulnerability in the Rich Reviews plugin for WordPress. The estimated 16,000 sites running the plugin are vulnerable to unauthenticated plugin option updates, which can be used to deliver stored cross-site scripting (XSS) payloads. Attackers are currently abusing this exploit chain to inject malvertising code into target websites. The malvertising code creates redirects and popup ads. Our team has been tracking this attack campaign since April of this year. You […]

Podcast Episode 45: Securing and Scaling eCommerce with Zach Stepek

https://www.wordfence.com/blog/2019/09/podcast-episode-45-securing-and-scaling-ecommerce-with-zach-stepek/
This week, our lead customer service engineer Tim Cantrell interviews Zach Stepek, CEO of MindSize, a digital agency focused on helping customers scale and succeed with eCommerce. Zach talks about how he got started with WordPress and WooCommerce, new features in JetPack that add functionality to WooCommerce, and how critical security is to site owners no matter what platform they use to sell goods and services online. Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast. Click here to download an MP3 version of this podcast. Subscribe to our RSS feed. You […]

Podcast Episode 44: Unpacking the WordPress 5.2.3 Security Release

https://www.wordfence.com/blog/2019/09/podcast-episode-44-unpacking-the-wordpress-5-2-3-security-release/
WordPress core version 5.2.3 was released on September 4. This was a security release patching eight key vulnerabilities in WordPress core, most of which were cross site scripting vulnerabilities. In this episode of Think Like a Hacker, we walk through each of the patched elements of WordPress core and how these vulnerabilities could have been exploited. We also look at the SIM port attack on Jack Dorsey’s Twitter account, and the lessons for all of us in using our cellphones and mobile devices for securing our online accounts. Find us on your favorite app or platform including iTunes, Google Podcasts, […]

The WordPress 5.2.3 Security Release Unpacked

https://www.wordfence.com/blog/2019/09/the-wordpress-5-2-3-security-release-unpacked/
WordPress core version 5.2.3 has just been released. This is a security release which contains several fixes. I’m going to detail each of them below and unpack what each fix means and add any additional info that may be relevant. Seven of the eight vulnerabilities fixed in this release are cross site scripting (XSS) vulnerabilities. Wordfence includes robust XSS protection in our free and Premium versions which will prevent exploitation of these vulnerabilities. The eighth is an open redirect vulnerability our team is monitoring to determine impact.

WordPress 5.2.3 Security Updates by the Numbers

This release contains eight security fixes which […]

Episode 43: Wordfence Research on Malvertising Campaign Makes the News

https://www.wordfence.com/blog/2019/09/episode-43-wordfence-research-on-malvertising-campaign-makes-the-news/
This week, we chat about the plan for WordPress 5.3 and some of the new features we will see added to WordPress in November, including many improvements to the editor. We will also see a switch from robots.txt files to meta tags for better control over search engine indexing. We also cover the latest developments with our threat intelligence team’s research into an ongoing malvertising campaign targeting WordPress plugin vulnerabilities. This story received quite a bit of news coverage, and that coverage caused closed-source content management platform Wix to tweet a cheeky dig at WordPress that fell flat. Find us […]

Ongoing Malvertising Campaign Evolves, Adds Backdoors and Targets New Plugins

https://www.wordfence.com/blog/2019/08/ongoing-malvertising-campaign-continues-exploiting-new-vulnerabilities/
In July, we reported on a malvertising campaign which was distributing redirect and popup code through a number of public vulnerabilities affecting the WordPress ecosystem. As mentioned in the article, we’ve continued tracking this threat for new or changing activity. Much of the campaign remains identical. Known vulnerabilities in WordPress plugins are exploited to inject malicious JavaScript into the frontends of victim sites, which causes the sites’ visitors to be redirected to potentially harmful content like malware droppers and fraud sites. Where possible, the payloads are obfuscated in an attempt to avoid detection by WAF and IDS software. However, some […]

Malicious WordPress Redirect Campaign Attacking Several Plugins

https://www.wordfence.com/blog/2019/08/malicious-wordpress-redirect-campaign-attacking-several-plugins/
Over the past few weeks, our Threat Intelligence team has been tracking an active attack campaign targeting a selection of new and old WordPress plugin vulnerabilities. These attacks seek to maliciously redirect traffic from victims’ sites to a number of potentially harmful locations. Each of the vulnerabilities targeted by this campaign has been public for some time, and Wordfence users are protected either by individual firewall rules or generic protections built into the plugin. Two of the vulnerabilities in question have firewall rules which are currently available to Premium users only:

NicDark Plugins – Unauthenticated Arbitrary Options Update

Though several […]