In February's vulnerability reports, several well-known plugins were reported as vulnerable, including NextGen Gallery and LiteSpeed Cache. As it happens, an old site we maintain also had NextGen Gallery installed, and because of this vulnerability all of its front-end content was replaced. If you use this plugin, update it as soon as possible.
The list is as follows:
1. All In One WP Security & Firewall
Vulnerability: Authenticated cross-site scripting (XSS)
Fixed in version: 4.4.6
2. Responsive Menu – Create Mobile-Friendly Menu
Vulnerability: Cross-site request forgery (CSRF) leading to arbitrary file upload, cross-site request forgery (CSRF) leading to setting modification, and authenticated arbitrary file upload vulnerability
Fixed in version: 4.0.4
3. Map Block for Google Maps
Vulnerability: Google API key manipulation
Fixed in version: 1.32
4. Welcart e-Commerce
Vulnerability: SQL injection (SQLi)
Fixed in version: 2.0.1
5. NextGen Gallery
Vulnerability: Cross-site request forgery (CSRF) leading to XSS and RCE via file upload and LFI
Fixed in version: 3.5.0
6. Backup by Supsystic
Vulnerability: Local file inclusion (LFI)
Fixed in version: Unknown – plugin has been closed
7. Contact Form by Supsystic
Vulnerability: Stored cross-site scripting (XSS) and SQL injection (SQLi)
Fixed in version: 1.7.7
8. Data Tables Generator by Supsystic
Vulnerability: Stored cross-site scripting (XSS) and SQL injection (SQLi)
Fixed in version: 1.9.97
9. Digital Publications by Supsystic
Vulnerability: Stored cross-site scripting (XSS), path traversal, and DoS vulnerability
Fixed in version: Unknown – plugin has been closed
10. Membership by Supsystic
Vulnerability: SQL injection (SQLi)
Fixed in version: Unknown – plugin has been closed
11. Newsletter by Supsystic
Vulnerability: SQL injection (SQLi)
Fixed in version: Unknown – plugin has been closed
12. Like Button Rating ♥ LikeBtn
Vulnerability: Unauthenticated server-side request forgery (SSRF)
Fixed in version: 2.6.32
13. Wyzi Premium
Vulnerability: Cross-site scripting (XSS)
Fixed in version: 2.4.3
14. Paid Memberships Pro
Vulnerability: Insecure direct object reference & sensitive information disclosure
Fixed in version: 2.5.3
15. Ultimate GDPR & CCPA Compliance Toolkit for WordPress
Vulnerability: Unauthenticated settings import & export vulnerability
Fixed in version: 2.5
16. Contact Form 7 Style
Vulnerability: Cross-site request forgery (CSRF) leading to stored cross-site scripting (XSS)
Fixed in version: Unknown
17. MStore API
Vulnerability: Bypass vulnerability in Apple login authentication method
Fixed in version: 3.2.0
18. Photo Gallery by 10Web
Vulnerability: Cross-site scripting (XSS)
Fixed in version: 1.5.68
19. WP Editor
Vulnerability: SQL injection (SQLi)
Fixed in version: 1.2.7
20. uListing
Vulnerability: Unauthenticated arbitrary account creation/change, unauthenticated arbitrary post/page deletion, unauthenticated arbitrary roles and capabilities creation/deletion, multiple unauthenticated SQL injection (SQLi), unauthenticated information disclosure
Fixed in version: 1.7
21. Contact Form 7 Database Addon – CFDB7
Vulnerability: Insufficient input sanitization leading to authenticated SQL injection (SQLi)
Fixed in version: 1.2.5.4
22. Doneren met Mollie
Vulnerability: Authenticated information disclosure vulnerability
Fixed in version: 2.8.5
23. Digital Climate Strike WP
Vulnerability: Redirect to malicious websites
Fixed in version: Unknown
24. Under Construction
Vulnerability: Authenticated stored cross-site scripting (XSS)
Fixed in version: 3.86
25. 123ContactForm
Vulnerability: Arbitrary file upload, arbitrary post creation, and validation bypass via plugin verification
Fixed in version: Unknown – plugin has been closed
26. 301 Redirects – Easy Redirect Manager
Vulnerability: Authenticated SQL injection (SQLi)
Fixed in version: 2.5.1
27. Stockdio Historical Chart
Vulnerability: Cross-site scripting (XSS)
Fixed in version: 2.8.1
28. FV Flowplayer Video Player
Vulnerability: Authenticated stored cross-site scripting (XSS)
Fixed in version: 7.4.38.727
29. Simple Job Board
Vulnerability: Authenticated directory traversal
Fixed in version: 2.9.4
30. Orbit Fox by ThemeIsle
Vulnerability: Authenticated stored cross-site scripting (XSS) & authenticated privilege escalation
Fixed in version: 2.10.3
31. Elementor Contact Form DB
Vulnerability: Cross-site request forgery (CSRF) via backend admin pages
Fixed in version: 1.6
32. Custom Global Variables
Vulnerability: Stored cross-site scripting (XSS)
Fixed in version: Unknown
33. WP24 Domain Check
Vulnerability: Stored cross-site scripting (XSS)
Fixed in version: Unknown
34. Stripe Payments
Vulnerability: Authenticated stored cross-site scripting (XSS)
Fixed in version: 2.0.40
35. WP-Paginate
Vulnerability: Authenticated stored cross-site scripting (XSS)
Fixed in version: 2.1.4
36. Contact Form Submissions
Vulnerability: Authenticated double query SQL injection (SQLi) vulnerability
Fixed in version: Unknown
Vulnerability: Authenticated SQL injection (SQLi) vulnerability
Fixed in version: Unknown
37. Site Offline Or Coming Soon Or Maintenance Mode
Vulnerability: Multiple cross-site request forgery (CSRF) vulnerabilities
Fixed in version: 1.4.4
38. Newsletter Manager
Vulnerability: Unauthenticated insecure deserialization vulnerability
Fixed in version: Unknown – plugin has been closed
39. Internal Links Manager
Vulnerability: Stored cross-site scripting (XSS) and cross-site request forgery (CSRF), and authenticated shell upload
Fixed in version: Unknown – plugin has been closed
40. Thumbnail carousel slider
Vulnerability: Stored cross-site scripting (XSS) and cross-site request forgery (CSRF), and authenticated shell upload
Fixed in version: 1.0.1
41. LiteSpeed Cache
Vulnerability: Authenticated stored cross-site scripting (XSS)
Fixed in version: 3.6.1
42. Adning Advertising – Professional, All In One Ad Manager for WordPress
Vulnerability: Arbitrary file upload vulnerability
Fixed in version: 1.5.6
References:
WebARX – WordPress Vulnerability News, February 2021
Wordfence – Severe Vulnerabilities Patched in NextGen Gallery Affect over 800,000 WordPress Sites