WordPress SiteOrigin Widgets Bundle Plugin Vulnerability Affects +600,000 Sites via @sejournal, @martinibuster


The SiteOrigin Widgets Bundle WordPress plugin, with over 600,000 installations, patched an authenticated stored cross-site scripting (XSS) vulnerability that could allow attackers to upload arbitrary files and expose site visitors to malicious scripts.

SiteOrigin Widgets Bundle Plugin

The SiteOrigin Widgets plugin, with +600,000 active installations, provides a way to easily add a multitude of widget functions like sliders, carousels, maps, change the way blog posts are displayed, and other useful webpage elements.

Stored Cross-Site Scripting Vulnerability

A Cross-Site Scripting (XSS) vulnerability is a flaw that allows a hacker to inject (upload) malicious scripts. In WordPress plugins, these kinds of vulnerabilities arise from flaws in how input data is sanitized (filtered for untrusted data) and also from improperly securing output data (called escaping data).

This particular XSS vulnerability is called a Stored XSS because the attacker is able to inject the malicious code to the server. According to the non-profit Open Worldwide Application Security Project (OWASP), the ability to launch an attack directly from the website makes it particularly concerning.

OWASP describes the stored XSS threat:

“This kind of exploit, known as Stored XSS, is particularly insidious because the indirection caused by the data store makes it more difficult to identify the threat and increases the possibility that the attack will affect multiple users.”

In an XSS attack, where a script has successfully been injected, the attacker sends a harmful script to an unsuspecting site visitor. The user’s browser, because it trusts the website, executes the file. This can allow the attacker to access cookies, session tokens, and other sensitive website data.

Vulnerability Description

The vulnerability arose because of flaws in sanitizing inputs and escaping data.

The WordPress developer page for security explains sanitization:

“Sanitizing input is the process of securing/cleaning/filtering input data. Validation is preferred over sanitization because validation is more specific. But when “more specific” isn’t possible, sanitization is the next best thing.”

Escaping data in a WordPress plugin is a security function that filters out unwanted output.

Both of those functions needed improvement in the SiteOrigin Widgets Bundle plugin.

Wordfence described the vulnerability:

“The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the onclick parameter in all versions up to, and including, 1.58.3 due to insufficient input sanitization and output escaping.”

This vulnerability requires authentication before it can be executed, which means the attacker needs at least contributor-level access in order to be able to launch an attack.
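To make the sanitization, validation and escaping points above concrete, here is an added example (not SiteOrigin's code and not from the original article) showing why a stored value that ends up in an `onclick` attribute needs validation as well as output escaping. The function names, the allowlist and the sample inputs are hypothetical; plain `htmlspecialchars()` stands in for WordPress's `esc_attr()` so the script runs without WordPress loaded.

```php
<?php
// Hypothetical allowlist of actions a button widget may trigger.
const ALLOWED_ACTIONS = ['open_modal', 'scroll_top', 'track_click'];

// Validation: accept only known values, reject everything else.
function validate_action(string $input): ?string {
    return in_array($input, ALLOWED_ACTIONS, true) ? $input : null;
}

// Unsafe: the stored value is written into the attribute verbatim,
// so a quote character can close the attribute and add new markup.
function render_unsafe(string $stored): string {
    return '<a class="btn" onclick="' . $stored . '">Go</a>';
}

// Escaped only: quotes can no longer break out of the attribute, but the
// browser decodes the value and still runs it as JavaScript on click.
function render_escaped_only(string $stored): string {
    return '<a class="btn" onclick="'
        . htmlspecialchars($stored, ENT_QUOTES, 'UTF-8') . '">Go</a>';
}

// Hardened: validate against the allowlist, never emit user-controlled
// script, and escape the value on output into an inert data attribute.
function render_safe(string $stored): string {
    $action = validate_action($stored);
    if ($action === null) {
        return '<a class="btn">Go</a>'; // unknown value: drop it entirely
    }
    return '<a class="btn" data-action="'
        . htmlspecialchars($action, ENT_QUOTES, 'UTF-8') . '">Go</a>';
}

// Constructed sample inputs, as a contributor-level user might save them.
$samples = ['open_modal', 'x" onmouseover="alert(1)', 'alert(document.domain)'];

foreach ($samples as $s) {
    echo "input:        $s\n";
    echo "unsafe:       " . render_unsafe($s) . "\n";
    echo "escaped only: " . render_escaped_only($s) . "\n";
    echo "validated:    " . render_safe($s) . "\n\n";
}
```

The third sample is the instructive one: escaping leaves it unchanged because it contains no HTML metacharacters, so only the allowlist stops it from being stored as executable script.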

Recommended action:

The vulnerability was assigned a medium CVSS severity level, scoring 6.4/10. Plugin users should consider updating to the latest version, which is version 1.58.5, though the vulnerability was patched in version 1.58.4.

Read the Wordfence vulnerability advisory:

SiteOrigin Widgets Bundle <= 1.58.3 – Authenticated (Contributor+) Stored Cross-Site Scripting