Thousands Of WordPress Sites Exposed 

More than 200,000 WordPress sites have less security which exposes them to attacks that target the Ultimate Member Plugin. This is a service designed to make it easier to allow users to add profiles, define roles, and create member directories. But this allows hackers to add new administrative accounts to the user group.

Tracked as CVE-2023-3460 (CVSS score of 9.8), the recently identified security defect in Ultimate Member lets attackers add a new user account to the administrators group. The defect is a Cross Site Request Forgery (CSRF).

A CSRF flaw means that site does not distinguish between intentional actions taken by the user and forged requests generated by a malicious link or script request. This CSRF flaw allowed attackers to forge a request on behalf of an administrator and inject code on a vulnerable site allowing potential attackers to remotely execute arbitrary code on websites running vulnerable Code Snippets installation.

A high severity CSRF bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu.

Some of the plugin’s users have observed the creation of rogue accounts and reported them recently, but the attacks appear to have been ongoing at least since the beginning of June this year. WPScan, WordPress’s security firm, says that the bug is rooted in a conflict between the plugin’s blocklist logic and WordPress metadata keys. 

Hackers can exploit operational differences between the plugin and WordPress to trick Ultimate Member into updating the metadata keys. 

These keys include data that contain user role and capability information. WordPress advised site owners to disable the problematic plugin and closely monitor administrative accounts on their websites. While the WordPress plugin library doesn't provide daily downloads stats, roughly 58K users have downloaded and installed the latest version which means that at least 140K WordPress websites running this plugin are still exposed to potential takeover attacks.

Site owners who think they are at risk are advised to disable Ultimate Member to prevent exploitation of the vulnerability. They should also audit all administrator roles on their sites, to identify rogue accounts.

WPScan:  Cyware:   Threatpost:    Oodaloop:    Hacker News:   Security Week:   Bleeping Computer:   Techradar

You Might Also Read: 

WordPress Comprises 90% Of Hacked Sites:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« The Seven Stages Of Cyber Resilience:
Canada Might Lose Its Dispute With Google »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

Worldline

Worldline

Worldline IIoT solutions allow industrial companies to start their digital transformation journey with industrial level cyber security standards (IEC 62443 ready).

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

Peraton

Peraton

Peraton provides innovative solutions for the most sensitive and critical programs in government today, developed and executed by scientists, engineers, and other experts.

Opticks Security

Opticks Security

Opticks provides fraud detection and monitoring solutions for leading brands. agencies and networks. Our relentless mission is to deliver reliable and innovative software to beat digital fraud.

Oman Technology Fund (OTF)

Oman Technology Fund (OTF)

Oman Technology Fund aims to make Oman the preferred destination for emerging tech companies in the region, and an attractive and stimulating destination for venture capital.

Dropzone AI

Dropzone AI

Dropzone AI are creating a generational leap in SecOps by using AI to automate cyber expertise and tooling.

Cyber Unicorns

Cyber Unicorns

Cyber Unicorns is a cyber security consultancy created to help drive cyber security outcomes in the small to medium-sized business space.

Cloudbrink

Cloudbrink

Cloudbrink is purpose-built to deliver the industry’s highest performance connectivity to remote and hybrid workers, anywhere in the world.

AppSentinels

AppSentinels

Appsentinels are a group of security and technology experts with a mission to fix gaps in application security.

System360

System360

System360 is one of Houston's top suppliers of network administration, design, security, and support services.

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.