WordPress can't catch a break with vulnerabilities.

It seems WordPress can't catch a break. Another zero-day vulnerability has turned up in a WordPress plugin installed on more than 500,000 sites, and this one lets attackers reset the passwords of admin accounts.


This vulnerability was exploited for weeks on end before a patch finally landed on Monday. It affects Easy WP SMTP, a plugin that lets site owners configure SMTP settings for outgoing email. Ninja Technologies Network (NinTechNet for short) reports that Easy WP SMTP 1.4.2 and older versions include a feature that writes a debug log of all outgoing emails, and that this log is stored inside the plugin's installation folder.


"The plugin's folder doesn't have any index.html file, hence, on servers that have directory listing enabled, hackers can find and view the log," said NinTechNet's Jerome Bruandet. He adds that, on sites still running these outdated versions, attackers have been able to automate the attack: identify the admin account and trigger a password reset for it.


Since a password reset sends an email containing the reset link to the account's address, that very email lands in the Easy WP SMTP debug log. An attacker who can read the log can grab the reset link and take over the account.
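As an added example that is not part of the original post, here is a small access-log check for the two conditions described above: the web server serving a directory listing for the plugin folder, and a log-like file being read from inside it. The plugin folder path, the log filename heuristic and the sample log lines are constructed assumptions, not values quoted from the post.

```python
import re
from typing import Dict, List, Optional

# Parser for the common "combined" access-log format (constructed for this example).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Assumed plugin folder; the slug is an assumption, not quoted from the post.
PLUGIN_DIR = "/wp-content/plugins/easy-wp-smtp/"


def classify(line: str) -> Optional[Dict[str, str]]:
    """Return a finding for one access-log line, or None if it looks benign."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("path").split("?", 1)[0]
    status = int(m.group("status"))
    if path != PLUGIN_DIR.rstrip("/") and not path.startswith(PLUGIN_DIR):
        return None
    # A 200 for the bare plugin folder means the server rendered a directory
    # listing: the precondition the post describes (no index.html present).
    if path.rstrip("/") == PLUGIN_DIR.rstrip("/") and status == 200:
        reason = "directory listing served for plugin folder"
    # A 200 for a log-like file inside the folder means the debug log, and the
    # password-reset emails in it, was read. The filename heuristic is assumed.
    elif status == 200 and re.search(r"log", path.rsplit("/", 1)[-1], re.I):
        reason = "debug log read from plugin folder"
    else:
        return None
    return {"ip": m.group("ip"), "time": m.group("ts"), "path": path, "reason": reason}


def scan(lines: List[str]) -> List[Dict[str, str]]:
    """Run classify() over a whole log and keep only the findings."""
    return [f for f in (classify(line) for line in lines) if f]


# Constructed sample log: two exposure hits, one normal asset fetch, and one
# listing attempt that a hardened server (directory listing off) refused.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Dec/2020:11:22:33 +0000] "GET /wp-content/plugins/easy-wp-smtp/ HTTP/1.1" 200 1432 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Dec/2020:11:22:35 +0000] "GET /wp-content/plugins/easy-wp-smtp/debug_log.txt HTTP/1.1" 200 9812 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Dec/2020:11:30:00 +0000] "GET /wp-content/plugins/easy-wp-smtp/css/style.css HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Dec/2020:12:00:00 +0000] "GET /wp-content/plugins/easy-wp-smtp/ HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
]
```

Running `scan(SAMPLE_LOG)` returns the two findings from 203.0.113.7; the css fetch and the refused listing attempt are ignored.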


"This vulnerability is currently exploited, make sure to update as soon as possible to the latest version," Bruandet warned on Monday.


Easy WP SMTP 1.4.4 is now available; the developers worked around the vulnerability by moving the debug logs into the WordPress logs folder. This is the plugin's second vulnerability: the first was found back in March 2019.


That earlier vulnerability allowed backdoors on accounts. The situation this time is unfortunate, because WordPress 5.5 has an auto-update feature, so an admin doesn't need to update the plugin manually. The question is whether those sites are actually updated and have the auto-update feature enabled.

Hopefully a good admin who checks and updates regularly will enable auto-update to avoid this plugin mess.
