15 plugins with serious security holes in WordPress 2011

Many WordPress sites, and not only WordPress, have been hacked recently, so I decided to visit one of the sites that publishes the latest exploits, exploit-db. A new bug is uploaded there every month; since February alone, 10 bugs have been published. You should always upgrade your plugins so that the axe does not fall on your head and your blog becomes a corridor for hackers or a lab rat for their experiments.

These are the vulnerability types found in the plugins we will cover, that is, the most common and most dangerous classes in this list:

LFI Vulnerability
Remote and Local Code Execution Vulnerability
Multiple Vulnerabilities
Remote Code Exec Exploit
SQL Injection Vulnerability
Stored XSS Vulnerability
Remote File Upload Vulnerability

In other words, the list covers the most serious classes of web application vulnerabilities. Now we move on to the plugins, to look at each plugin and the vulnerability affecting it, starting with the plugin whose vulnerability was discovered most recently.

WP Custom Pages

This plugin is affected by an LFI (Local File Inclusion) vulnerability, which means that any file readable by the web server can be read through it.

  1. Affected version 0.5.0.1
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

BackWPup

This plugin is affected by a Remote and Local Code Execution vulnerability, which means that an attacker can execute commands on the server, such as reading files or running a specific system command, both remotely and from inside the server.

  1. Affected version 1.6.1
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

GRAND Flash Album Gallery

This plugin has two vulnerabilities, LFI and SQL injection: the first enables reading sensitive files such as wp-config.php (which holds the database credentials), and the second enables injecting into database queries.

  1. Affected version 0.55
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

PHP Speedy

This plugin contains a Remote Code Execution vulnerability that lets an attacker run commands on the server, such as listing the user accounts on the server, which in practice is as good as having an SSH account.

  1. Affected version 0.5.2
  2. Plugin page on the official website from here
  3. The exploit is on the exploit-db website from here

OPS Old Post Spinner

This plugin is affected by an LFI vulnerability, which means that any file readable by the web server can be read through it.

  1. Affected version 2.2.1
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

jQuery Mega Menu

This plugin is also affected by an LFI vulnerability, which means that any file readable by the web server can be read through it.

  1. Affected version 1.0
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here
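
The LFI entries above (WP Custom Pages, GRAND Flash Album Gallery, OPS Old Post Spinner and jQuery Mega Menu) all come down to the same coding pattern: a PHP include whose path is built from a request parameter. The following is an added example written for this post, not code from any of those plugins; the `template` parameter, the file names and the function names are hypothetical. It shows the vulnerable pattern beside a hardened version that lets the request pick only a key from an allow-list.

```php
<?php
// Added example (hypothetical code, not taken from any plugin in this post).
// Local File Inclusion: an include whose path is built from a request value.

// VULNERABLE: the template name comes straight from the query string. With
// "../" sequences the caller can walk out of the templates directory, and
// because include executes PHP, this is a code-execution bug, not just a read.
function render_template_vulnerable() {
    $template = $_GET['template'];   // attacker-controlled
    include dirname( __FILE__ ) . '/templates/' . $template . '.php';
}

// HARDENED: the request only selects a key; the actual path is ours.
// Returns true on success, false if the resolved path is not where it should be.
function render_template_hardened( $requested ) {
    // Allow-list of the templates this (hypothetical) plugin ships.
    $allowed = array(
        'default' => 'default.php',
        'compact' => 'compact.php',
    );

    if ( ! is_string( $requested ) || ! isset( $allowed[ $requested ] ) ) {
        $requested = 'default';  // unknown key: fall back, never pass it through
    }

    $base = realpath( dirname( __FILE__ ) . '/templates' );
    $path = realpath( $base . '/' . $allowed[ $requested ] );

    // Belt and braces: even with an allow-list, confirm the resolved path still
    // lives inside the templates directory (catches symlink tricks and typos).
    if ( false === $base || false === $path
         || 0 !== strpos( $path, $base . DIRECTORY_SEPARATOR ) ) {
        return false;
    }

    include $path;
    return true;
}

// Usage from a request handler (the "template" parameter is hypothetical):
// render_template_hardened( isset( $_GET['template'] ) ? $_GET['template'] : 'default' );
```

The important design choice is that the user never supplies a path fragment at all, only a key; the `realpath()` check is a second layer in case the allow-list is ever edited carelessly.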

IWantOneButton

This plugin has two vulnerabilities, XSS and SQL injection. The first lets an attacker steal cookies from your browser and use them to enter the control panel; this vulnerability does not give guaranteed access, since the attacker has to use trickery and mislead you until he reaches his goal. The second enables injecting into database queries and extracting usernames; the password is stored encrypted.

  1. Affected version 1.0
  2. Plugin site from here
  3. The exploit is on the exploit-db website from here

WP Forum Server

This plugin contains an SQL injection vulnerability that enables injecting into database queries and extracting usernames; the password is stored encrypted.

  1. Affected version 1.6.5
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

Relevanssi

This plugin contains a Stored XSS vulnerability that lets an attacker steal cookies from your browser and use them to enter the control panel.

  1. Affected version 2.7.2
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

GigPress

This plugin also contains the same Stored XSS vulnerability, which lets an attacker steal cookies from your browser and use them to enter the control panel.

  1. Affected version 2.1.10
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here
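
Stored XSS, as in the Relevanssi and GigPress entries above, means a value saved earlier (a visitor's search term, an event title) is later printed into a page, typically an admin page, without escaping, so whatever script it contains runs in the administrator's browser. The following is an added example written for this post, not code from either plugin; the function names and the "recent searches" feature are hypothetical. It shows the unescaped output beside output escaped with WordPress's own helpers for each HTML context.

```php
<?php
// Added example (hypothetical code, not from Relevanssi or GigPress).
// Stored XSS: a value saved earlier (here: a visitor's search term logged by
// the plugin) is later printed into an admin page without escaping.

// VULNERABLE: the raw stored value is concatenated into HTML.
function render_recent_searches_vulnerable( $terms ) {
    $html = '<ul>';
    foreach ( $terms as $term ) {
        $html .= '<li>' . $term . '</li>';   // a <script> tag in $term runs in the admin's browser
    }
    return $html . '</ul>';
}

// HARDENED: escape on output, according to the context the data lands in.
function render_recent_searches_hardened( $terms ) {
    $html = '<ul>';
    foreach ( $terms as $term ) {
        // Text node context: esc_html() turns <, >, &, " and ' into entities.
        $html .= '<li>' . esc_html( $term ) . '</li>';
    }
    return $html . '</ul>';
}

// Attribute context needs esc_attr(); a URL needs esc_url().
function render_search_link_hardened( $term ) {
    $url = add_query_arg( 's', $term, home_url( '/' ) );
    return '<a href="' . esc_url( $url ) . '" title="' . esc_attr( $term ) . '">'
         . esc_html( $term ) . '</a>';
}

// Sanitising on the way in is a useful second layer, but not a substitute
// for escaping on output: sanitize_text_field() strips tags and control
// characters before the value is saved.
function store_search_term( $raw ) {
    $clean = sanitize_text_field( wp_unslash( $raw ) );
    // ... save $clean to the plugin's table or option ...
    return $clean;
}

// Constructed sample input for a manual check (the second term is a harmless
// test payload): the hardened renderer shows it as literal text, the
// vulnerable one executes it.
// $terms = array( 'wordpress', '<script>alert(1)</script>' );
// echo render_recent_searches_hardened( $terms );
```

Escaping belongs at the point of output because the same stored string may be printed in several contexts (text, attribute, URL), and each needs a different encoding; sanitising once on input cannot know which.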

Comment Rating

This plugin contains two vulnerabilities: an SQL injection that enables injecting into database queries, and a path disclosure. The latter is not as dangerous as the other vulnerabilities, but it reveals the site's filesystem path, which often contains the hosting account's username, and that helps in guessing the password of the site's control panel or FTP account.

  1. Affected version 2.9.23
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

Z-Vote

This plugin contains an SQL injection vulnerability that enables injecting into database queries.

  1. Affected version 1.1
  2. The WordPress plugin page has been removed
  3. The exploit is on the exploit-db website from here

User Photo

This plugin contains a Remote File Upload vulnerability that lets an attacker upload files that give him control of the site (a PHP shell); this is the easiest route to a full compromise.

  1. Affected version 0.9.4
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here
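
A file upload bug of the kind described for User Photo usually comes from an upload handler that trusts the client-supplied file name and type and writes the file into a web-served directory. The following is an added example written for this post, not code from the User Photo plugin; the form field names, nonce action and user-meta key are hypothetical. It shows that handler beside a hardened one that authenticates the request and lets WordPress's own upload functions validate the file.

```php
<?php
// Added example (hypothetical code, not from the User Photo plugin).
// Remote file upload: accepting an upload without checking who sent it or what
// it is lets a .php file land in a web-served directory (a "PHP shell").

// VULNERABLE: trusts the client-supplied file name and type entirely.
function save_user_photo_vulnerable() {
    $upload_dir = wp_upload_dir();
    $target     = $upload_dir['basedir'] . '/photos/' . $_FILES['photo']['name'];
    move_uploaded_file( $_FILES['photo']['tmp_name'], $target ); // "shell.php" is accepted as-is
}

// HARDENED: authenticate, authorise, and let WordPress validate the file.
// Returns the URL of the stored image, or a WP_Error.
function save_user_photo_hardened() {
    // 1. Only logged-in users may upload, and only with a valid nonce (anti-CSRF).
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'forbidden', 'Not allowed.' );
    }
    if ( ! isset( $_POST['user_photo_nonce'] )
         || ! wp_verify_nonce( $_POST['user_photo_nonce'], 'user_photo_upload' ) ) {
        return new WP_Error( 'bad_nonce', 'Invalid request.' );
    }
    if ( empty( $_FILES['photo'] ) || UPLOAD_ERR_OK !== $_FILES['photo']['error'] ) {
        return new WP_Error( 'no_file', 'No file uploaded.' );
    }

    // 2. Allow-list of image types; anything else (php, phtml, html, svg...) is refused.
    $allowed_mimes = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
    );

    // 3. wp_check_filetype_and_ext() inspects both the extension and the actual
    //    file content, so a PHP file renamed to .jpg is caught as well.
    $check = wp_check_filetype_and_ext(
        $_FILES['photo']['tmp_name'],
        $_FILES['photo']['name'],
        $allowed_mimes
    );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        return new WP_Error( 'bad_type', 'Only JPEG, PNG and GIF images are accepted.' );
    }

    // 4. wp_handle_upload() moves the file into the uploads directory under a
    //    sanitised, unique name; the 'mimes' override applies the same allow-list.
    $result = wp_handle_upload(
        $_FILES['photo'],
        array( 'test_form' => false, 'mimes' => $allowed_mimes )
    );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'] );
    }

    // 5. Store only the URL WordPress gave back, never the client-supplied name.
    update_user_meta( get_current_user_id(), 'user_photo_url', esc_url_raw( $result['url'] ) );
    return $result['url'];
}
```

The two checks that matter most are the capability/nonce gate (the "remote" in "remote file upload" usually means no login was needed at all) and refusing any file whose content does not match an allowed image type, regardless of what its name claims.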

Enable Media Replace

This plugin also contains an SQL Injection vulnerability, which, as mentioned above, lets an attacker inject into database queries and extract the username and password.

  1. Affected version 2.3
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here

Mingle Forum

This plugin also contains an SQL Injection vulnerability, and in addition an Auth Bypass vulnerability. The latter lets an attacker bypass the login page and therefore modify any page or topic in the plugin.

  1. Affected version 1.0.26
  2. WordPress plugin page from here
  3. The exploit is on the exploit-db website from here
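
SQL injection is the most frequent item in this list (GRAND Flash Album Gallery, IWantOneButton, WP Forum Server, Comment Rating, Z-Vote, Enable Media Replace and Mingle Forum), and Mingle Forum pairs it with an auth bypass. The following is an added example written for this post, not code from any of those plugins; the forum table, form fields and function names are hypothetical. It shows one request handler, editing a forum topic's title, with both defects, beside a hardened version that decides authorisation on the server and parameterises the SQL with `$wpdb->prepare()`.

```php
<?php
// Added example (hypothetical code, not from any plugin in this post).
// Two classes seen repeatedly above, SQL injection and auth bypass, in one
// request handler: editing a forum topic's title.

// VULNERABLE: (a) the topic id and title are dropped straight into SQL, and
// (b) the only "check" is a hidden form field that any client can set.
function update_topic_vulnerable() {
    global $wpdb;
    if ( $_POST['is_moderator'] != '1' ) {  // auth bypass: client-controlled flag
        return false;
    }
    $id    = $_POST['topic_id'];
    $title = $_POST['title'];
    // A quote in $title or an extra clause in $id rewrites this statement.
    return $wpdb->query( "UPDATE {$wpdb->prefix}forum_topics SET title = '$title' WHERE id = $id" );
}

// HARDENED: decide authorisation on the server, then parameterise the SQL.
function update_topic_hardened() {
    global $wpdb;

    // Authentication + authorisation come from WordPress, not from the form.
    if ( ! is_user_logged_in() || ! current_user_can( 'moderate_comments' ) ) {
        return new WP_Error( 'forbidden', 'You may not edit topics.' );
    }
    // The nonce ties the request to a form this user was actually shown (anti-CSRF).
    if ( ! isset( $_POST['topic_nonce'] ) || ! wp_verify_nonce( $_POST['topic_nonce'], 'edit_topic' ) ) {
        return new WP_Error( 'bad_nonce', 'Invalid request.' );
    }

    // Coerce to the expected types before the values go anywhere near the database.
    $id    = isset( $_POST['topic_id'] ) ? absint( $_POST['topic_id'] ) : 0;
    $title = isset( $_POST['title'] ) ? sanitize_text_field( wp_unslash( $_POST['title'] ) ) : '';
    if ( 0 === $id || '' === $title ) {
        return new WP_Error( 'bad_input', 'Topic id and title are required.' );
    }

    // $wpdb->prepare() uses sprintf-style placeholders (%d, %s) and escapes the
    // values itself, so user input can never change the statement's structure.
    $sql = $wpdb->prepare(
        "UPDATE {$wpdb->prefix}forum_topics SET title = %s WHERE id = %d",
        $title,
        $id
    );
    return $wpdb->query( $sql );
}

// Reading data is no different: always prepare, even for "just a SELECT".
function get_topic_hardened( $id ) {
    global $wpdb;
    return $wpdb->get_row(
        $wpdb->prepare( "SELECT id, title FROM {$wpdb->prefix}forum_topics WHERE id = %d", absint( $id ) )
    );
}
```

Note that the capability check and the prepared statement are independent fixes: a prepared statement alone would still let any visitor edit topics, and a capability check alone would still let a moderator inject SQL.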

Important Tips

  1. Upgrading plugins is the easiest step to take, so do not compromise on it.
  2. Use the robots.txt file to keep search engines from indexing your plugin folders, because most hackers do not pick a specific target; the hacking is random, that is, they use search engines to find sites that contain vulnerable plugins. Keep in mind that robots.txt only asks well-behaved crawlers to stay away; it is not an access control.
  3. Before installing a plugin, search exploit-db.com to see whether it has a known vulnerability. If it does, visit its official website to make sure a patch has been released.

If you have any questions, please leave a comment and don’t forget to subscribe to our mailing list. Thank you very much

Peace, mercy and blessings of God
