Request a Demo
Rewterz
Rewterz Threat Alert – RedLine Stealer – Active IOCs
May 5, 2023
Rewterz
Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
May 5, 2023

Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-25787 CVSS:5.9

download-info-page Plugin for WordPress for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25786 CVSS:5.9

Eyes Only: User Access Shortcode Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25784 CVSS:5.9

Sticky Ad Bar Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25783 CVSS:5.9

FireCask Like & Share Button Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25798 CVSS:6.5

Olevmedia Olevmedia Shortcodes Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25797 CVSS:5.9

vSlider Multi Image Slider Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25796 CVSS:5.9

WP BaiDu Submit Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25792 CVSS:5.9

WP Open Social Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25789 CVSS:5.9

Tapfiliate Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

Impact

  • Cross-Site Scripting

Indicators Of Compromise

CVE

  • CVE-2023-25787
  • CVE-2023-25786
  • CVE-2023-25784
  • CVE-2023-25783
  • CVE-2023-25798
  • CVE-2023-25797
  • CVE-2023-25796
  • CVE-2023-25792
  • CVE-2023-25789

Affected Vendors

WordPress

Affected Products

  • download-info-page Plugin for WordPress 1.3.9
  • Eyes Only: User Access Shortcode Plugin for WordPress 1.8.2
  • Sticky Ad Bar Plugin for WordPress 1.3.1
  • FireCask Like & Share Button Plugin for WordPress 1.1.5
  • Olevmedia Olevmedia Shortcodes Plugin for WordPress 1.1.9
  • vSlider Multi Image Slider Plugin for WordPress 4.1.2
  • WP Open Social Plugin for WordPress 5.0
  • Tapfiliate Plugin for WordPress 3.0.12

Remediation

Upgrade to the latest version of WordPress Plugin, available from the WordPress Plugin Directory.

CVE-2023-25787

CVE-2023-25786

CVE-2023-25784

CVE-2023-25783

CVE-2023-25798

CVE-2023-25797

CVE-2023-25796

CVE-2023-25792

CVE-2023-25789