Category: General|Jan 3, 2020 | Author: Admin

WP Database Reset Plugin Had Some ‘Easily Exploitable’ Vulnerabilities

Share on

Another threat to WordPress sites has surfaced online. Researchers have discovered some serious security vulnerabilities in the WP Database Reset plugin. What’s threatening with these vulnerabilities is their easily exploitable nature.

WP Database Reset Plugin Flaws Reportedly, researchers from Wordfence have spotted security flaws in one more WordPress plugin. This time, they found some ‘easily exploitable’ vulnerabilities in the WP Database Reset plugin.

As described in their blog post, the researchers found two different security issues with the plugin. The first of these is a critical severity bug (CVE-2020-7048) with a CVSS score of 9.1. This unauthenticated database reset issue could allow an adversary to reset any table in the database, thus causing data loss.

To trigger the flaw, the attacker would only have to send a malicious request to the site. Describing the impact of a possible exploit, the researchers stated,

A WordPress database stores all data that makes up the site including posts, pages, users, site options, comments, and more. With a few simple clicks and a couple of seconds, an unauthenticated user could wipe an entire WordPress installation clean if that installation was using a vulnerable version of this plugin.

The second vulnerability (CVE-2020-7047) was a privilege escalation bug with a high-severity rating and a CVSS score of 8.8.

This bug allowed any user with subscriber access to escalate privilege levels. In turn, the bug allowed the attacker to exploit the previous vulnerability as well. Explaining about the vulnerability, the researchers stated,

Any user authenticated as a subscriber and above had the ability to reset the wp_users table. Whenever the wp_users table was reset, it dropped all users from the user table, including any administrators, except for the currently logged-in user.

The user sending the request would automatically be escalated to the administrator, even if they were only a subscriber.

An adversary could therefore completely takeover of the target website, rendering the actual admins unable to gain access. The following video demonstrates the attack scenario.

Patch Released – Update Now! According to Wordfence, the vulnerabilities affected all previously available WP Database Reset plugin versions. Upon noticing the flaw, the researchers disclosed the vulnerabilities to the plugin developers, who then patched the bugs.

Consequently, WP Database Reset version 3.15 rolled out containing the patches for both bugs. Presently, the plugin boasts over 80,000 active installations, hence making thousands of sites vulnerable to potential exploits. Therefore, the users of this plugin must ensure updating their sites to the latest plugin version to stay safe. Let us know your thoughts in the comments.

 

Sponsored Ads:

Comments:


Apple ordered to pay back its illegal $14.4 billion Irish tax break

Category: Apple|Sep 11, 2024 | Author: Admin

Microsoft to start force-upgrading Windows 22H2 systems next month

Category: Microsoft|Sep 10, 2024 | Author: Admin

Mozilla extends Firefox support on unsupported Windows versions to March 2025

Category: IT|Sep 9, 2024 | Author: Admin

Apache fixes critical OFBiz remote code execution vulnerability

Category: IT|Sep 8, 2024 | Author: Admin

SonicWall SSLVPN access control flaw is now exploited in attacks

Category: IT|Sep 7, 2024 | Author: Admin

Microsoft Office 2024 to disable ActiveX controls by default

Category: Microsoft|Sep 6, 2024 | Author: Admin

LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

Category: IT|Sep 5, 2024 | Author: Admin

Cisco warns of backdoor admin account in Smart Licensing Utility

Category: IT|Sep 4, 2024 | Author: Admin

D-Link says it is not fixing four RCE flaws in DIR-846W routers

Category: IT|Sep 3, 2024 | Author: Admin

The Google Play Store can finally update multiple apps at the same time

Category: Google|Sep 2, 2024 | Author: Admin

Now the iPhone buttons don't work

Category: Apple|Sep 1, 2024 | Author: Admin

Some Android smartphones have been found to contain a hidden security vulnerability

Category: General|Aug 31, 2024 | Author: Admin

Over 200 million users a week

Category: Apple|Aug 30, 2024 | Author: Admin

Chrome will redact credit cards, passwords when you share Android screen

Category: General|Aug 29, 2024 | Author: Admin

Google increases Chrome bug bounty rewards up to $250,000

Category: Google|Aug 28, 2024 | Author: Admin
more