Newsletter plugin bugs let hackers inject backdoors on 300K sites

Quote: Owners of WordPress sites who use the Newsletter plugin are advised to update their installations to block attacks that could use a fixed vulnerability allowing hackers to inject backdoors, create rogue admins, and potentially take over their websites.

The vulnerability was found in the Newsletter WordPress plugin that provides the tools needed to create responsive newsletter and email marketing campaigns on WordPress blogs using a visual composer.

Newsletter has already been downloaded over 12 million times since it was added to the official WordPress plugin repository and is now installed on more than 300,000 sites.

Patched within two days

In a report published today by Wordfence's Threat Intelligence team, threat analyst Ram Gall says that he discovered two additional security flaws while analyzing a previous patch published by the plugin's developers on July 13.

Wordfence spotted a reflected Cross-Site Scripting (XSS) flaw and a PHP Object Injection vulnerability that were both fully patched by Newsletter's development team on July 17 with the release of version 6.8.3, two days after the initial report sent on July 15.

The two flaws are rated as medium and high severity issues that could allow attackers to add rogue admins and inject backdoors after successfully exploiting the reflected XSS issue on sites running vulnerable versions of the Newsletter plugin.

Additionally, the PHP Object Injection flaw "could be used to inject a PHP object that might be processed by code from another plugin or theme and used to execute arbitrary code, upload files, or any number of other tactics that could lead to site takeover," according to Gall.
