
News 

Critical RCE Bug in WordPress Plugin Let Hackers Gain Admin Access on 200,000 Website


In The Name OF Allah
Al-Salam Alekum

[Image: wordpress+plugin+bug.jpg]

I told you, it looks like WP has and is facing a big hole. Big Grin

Quote: Researchers from Wordfence uncovered two RCE vulnerabilities in a WordPress SEO plugin called Rank Math that let hackers hijack nearly 200,000 vulnerable websites and gain remote access.


Rank Math is an SEO plugin for WordPress that provides various SEO features such as a Setup Wizard, Google Schema Markup and Optimizing Unlimited Keywords, and has 200,000 active installations.

The first vulnerability is the most critical one that allows attackers to update arbitrary metadata, including the ability to grant or revoke administrative privileges.

The second vulnerability lets attackers redirect victims to any website of their choice from any location on the site.

One of Rank Math's SEO features allows users to update metadata on a post. To provide this feature, the plugin registered a REST API endpoint that failed to include a permission_callback, which is used for capability checking.

A function called "update_metadata", which you can see in the image below, is used to update the slug of existing posts, or could be used to delete or update metadata for posts, which enables this critical vulnerability and allows it to be exploited.



The Source
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy
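The missing permission_callback described in the quoted article is a general WordPress REST API mistake, so here is an added illustration of it (example code written for this thread, not Rank Math's own code and not from the original post). The route namespace `example/v1`, the function names, the `objectID`/`objectType`/`meta` parameter names and the allowed meta keys are all assumptions; the first route shows the vulnerable pattern, the second the hardened form a plugin author would write instead.

```php
<?php
// Added illustration, not Rank Math's code. Route names, parameter names
// and meta keys are assumptions made for this example.

// VULNERABLE: register_rest_route() without a permission_callback.
// Before WordPress 5.5 this silently allowed every request to reach the
// callback; since 5.5 core emits a _doing_it_wrong notice but still runs it.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/update-meta', array(
        'methods'  => 'POST',
        'callback' => 'example_update_meta_unsafe',
        // 'permission_callback' => ... is missing, so no capability check runs.
    ) );
} );

// Because the object type comes from the request and is passed straight to
// update_metadata(), an unauthenticated caller can target user meta as well
// as post meta. The key "<table prefix>capabilities" (wp_capabilities on a
// default install) holds a user's roles, which is how "grant or revoke
// administrative privileges" becomes possible through a metadata endpoint.
function example_update_meta_unsafe( WP_REST_Request $request ) {
    $object_type = (string) $request->get_param( 'objectType' ); // 'post' or 'user'
    $object_id   = (int) $request->get_param( 'objectID' );
    $meta        = (array) $request->get_param( 'meta' );
    foreach ( $meta as $key => $value ) {
        update_metadata( $object_type, $object_id, $key, $value );
    }
    return rest_ensure_response( array( 'updated' => array_keys( $meta ) ) );
}

// HARDENED: a permission_callback bound to the specific post, a fixed object
// type, and a whitelist of the plugin's own meta keys.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/update-meta-safe', array(
        'methods'             => 'POST',
        'callback'            => 'example_update_meta_safe',
        'permission_callback' => 'example_update_meta_permission',
        'args'                => array(
            'objectID' => array(
                'required'          => true,
                'validate_callback' => function ( $value ) {
                    return is_numeric( $value ) && (int) $value > 0;
                },
            ),
            'meta' => array( 'required' => true, 'type' => 'object' ),
        ),
    ) );
} );

function example_update_meta_permission( WP_REST_Request $request ) {
    $post_id = (int) $request->get_param( 'objectID' );
    if ( ! get_post( $post_id ) ) {
        return new WP_Error( 'rest_post_invalid_id', 'Invalid post ID.', array( 'status' => 404 ) );
    }
    // Ties the request to the caller's capability on this post. Anonymous
    // requests fail here; cookie-authenticated ones also need a valid X-WP-Nonce.
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return new WP_Error(
            'rest_forbidden',
            'Sorry, you are not allowed to edit this post.',
            array( 'status' => rest_authorization_required_code() )
        );
    }
    return true;
}

function example_update_meta_safe( WP_REST_Request $request ) {
    $post_id = (int) $request->get_param( 'objectID' );
    // Assumed plugin-owned keys; anything else (including user meta) is dropped.
    $allowed = array( 'example_seo_title', 'example_seo_description' );
    $updated = array();
    foreach ( (array) $request->get_param( 'meta' ) as $key => $value ) {
        if ( ! in_array( $key, $allowed, true ) ) {
            continue;
        }
        update_post_meta( $post_id, $key, sanitize_text_field( (string) $value ) );
        $updated[] = $key;
    }
    return rest_ensure_response( array( 'updated' => $updated ) );
}
```

Two things to check when auditing a plugin for this class of bug: grep every `register_rest_route()` call for a `permission_callback` that is not `__return_true`, and then read what the callback passes into `update_metadata()`. A permission check alone does not help if the object type or meta key is still attacker-controlled, which is why the hardened version fixes the type to `post` and whitelists the keys.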
