3 Severe Plugin Vulnerabilities Fixed in the Last 24 Hours
By Mark Maunder for WordFence. Original here.
The following three plugins contain severe vulnerabilities that have all been fixed within the past 24 hours. Details of these vulnerabilities have been released to the public so they are likely already being exploited. If you use any of these plugins, upgrade immediately. Please share with the larger WordPress community.
- WooCommerce Store Toolkit Plugin (A plugin for WooCommerce made by Visser Labs, not the core product) version 1.5.6 contains a privilege escalation vulnerability. The vulnerability allows a registered user to delete all posts, comments, products, orders, media and more. Upgraded to version 1.5.7 immediately to fix this issue.
- WordPress User Meta Manager plugin version 3.4.6 contains an information disclosure vulnerability that allows an unprivileged user to download the user_meta table. It also contains a privilege escalation vulnerability that lets anyone upgrade themselves to admin along with a blind SQL injection vulnerability. These are fixed in 3.4.8. The fix was released within the last 24 hours. Upgrade immediately.
- The WP User Frontend plugin version 2.3.10 and older contains an unrestricted file upload vulnerability that allows anyone to upload a file to your WordPress installation. This is fixed in version 2.3.11 and newer (current version is 2.3.12). The fix was released within the past 24 hours. Upgrade immediately.
Upgrade immediately if you use any of these and please share this information with the larger WordPress community.
To learn more about SQL injection vulnerabilities or file upload vulnerabilities, visit ourWordPress Security Learning Center.
MyWordPress recommends WordFence Premium for every website. We assist with pre-installation testing, virus and trojan cleanup, WordFence installation and configuration setting for optimum security and live monitoring, plus we give your systems and processes a health check to ensure you’re following best practice as much as possible to keep your website protected.
