This Week in WordPress Vulnerabilities – SB18-057


In a never-ending quest to get webmasters to think about WordPress security, here is the latest update from the U.S. Department of Homeland Security’s National Cyber Awareness System. Five new vulnerabilities were disclosed in four WordPress plugins over the past couple of weeks, and all five are cross-site scripting (XSS) vulnerabilities. The two in the UltimateMember 2.0 plugin stem from a failure to sanitize user input in its file-upload and image-upload handlers. CVSS severities for these issues had not yet been calculated as of this writing.

Bottom line: If you are using any of these plugins, please make sure they are updated.

Vulnerable WordPress Plugins:


Links to Patches for WordPress Vulnerabilities:

U.S. Department of Homeland Security US-CERT

SB18-057: Vulnerability Summary for the Week of February 19, 2018

Primary Vendor — Product: wordpress — wordpress
Description: Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors.
Published: 2018-02-19
CVSS Score: not yet calculated
Source & Patch Info: CVE-2015-2324 (MISC, CONFIRM)

Primary Vendor — Product: wordpress — wordpress
Description: core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.
Published: 2018-02-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2018-6944 (MISC)

Primary Vendor — Product: wordpress — wordpress
Description: The Ninja Forms plugin before 3.2.14 for WordPress has XSS.
Published: 2018-02-21
CVSS Score: not yet calculated
Source & Patch Info: CVE-2018-7280 (CONFIRM)

Primary Vendor — Product: wordpress — wordpress
Description: core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.
Published: 2018-02-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2018-6943 (MISC)

Primary Vendor — Product: wordpress — wordpress
Description: Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js.
Published: 2018-02-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2018-6891 (MISC, MISC)
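To act on the "make sure they are updated" advice, the following added example (not part of the original post or of US-CERT's material) compares a site's plugin inventory against the fixed versions listed in the table above. It assumes the inventory comes from `wp plugin list --format=json` and that the wordpress.org plugin slugs are photo-gallery, ninja-forms, bookly-responsive-appointment-booking-tool and ultimate-member; the sample inventory is constructed.

```python
"""Check a WP-CLI plugin inventory against the SB18-057 fixed versions."""
import json

# Minimum fixed version per plugin slug, taken from the advisory rows above.
# Slugs are assumed (not on the page); thresholds and CVE ids are from the table.
ADVISORY = {
    "photo-gallery": ("1.2.13", "CVE-2015-2324"),
    "ninja-forms": ("3.2.14", "CVE-2018-7280"),
    "bookly-responsive-appointment-booking-tool": ("14.5", "CVE-2018-6891"),
}
# UltimateMember: the advisory names version 2.0 as affected but lists no fixed
# version, so any 2.0.x install is flagged for a manual vendor check.
NO_FIX_LISTED = {"ultimate-member": ("2.0", "CVE-2018-6943, CVE-2018-6944")}


def parse_version(v):
    """Turn '3.2.14' into (3, 2, 14); a non-numeric component counts as 0."""
    parts = []
    for p in v.split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_older(installed, fixed):
    """True when installed < fixed, padding shorter tuples with zeros."""
    a, b = parse_version(installed), parse_version(fixed)
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) < b + (0,) * (n - len(b))


def check_inventory(wp_cli_json):
    """Return (slug, installed_version, advice) for each plugin the advisory covers."""
    findings = []
    for plugin in json.loads(wp_cli_json):
        slug, version = plugin["name"], plugin["version"]
        if slug in ADVISORY:
            fixed, cve = ADVISORY[slug]
            if is_older(version, fixed):
                findings.append((slug, version, f"update to >= {fixed} ({cve})"))
        elif slug in NO_FIX_LISTED:
            affected, cve = NO_FIX_LISTED[slug]
            if parse_version(version)[:2] == parse_version(affected)[:2]:
                findings.append((slug, version, f"affected per {cve}; confirm a fixed release with the vendor"))
    return findings


# Constructed sample in the shape `wp plugin list --format=json` produces.
SAMPLE = json.dumps([
    {"name": "ninja-forms", "status": "active", "update": "available", "version": "3.2.12"},
    {"name": "photo-gallery", "status": "active", "update": "none", "version": "1.3.0"},
    {"name": "ultimate-member", "status": "active", "update": "none", "version": "2.0.3"},
    {"name": "akismet", "status": "inactive", "update": "none", "version": "4.0.3"},
])

if __name__ == "__main__":
    for slug, version, advice in check_inventory(SAMPLE):
        print(f"{slug} {version}: {advice}")
```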


For More Information:

A History of WordPress Security Exploits and What They Mean – WPMU DEV

WPScan Vulnerability Database

WordPress Core Vulnerability Database
