Request a Demo
Rewterz
Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
June 28, 2023
Rewterz
Rewterz Threat Alert – STRRAT Malware – Active IOCs
June 29, 2023

Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-3197 CVSS:9.8

MStore API Plugin for WordPress is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the admin-ajax.php script using the ‘id’ parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-3325 CVSS:8.1

CMS Commander plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by use of an insufficiently unique cryptographic signature in the cmsc_add_site function. An attacker could exploit this vulnerability to change the _cmsc_public_key in the plugin configurations.

CVE-2023-3388 CVSS:7.2

Beautiful Cookie Consent Banner plugin for WordPress s vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the nsc_bar_content_href parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-3387 CVSS:6.4

Lana Text to Image plugin for WordPress s vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the lana_text_to_image and lana_text_to_img shortcode. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-3320 CVSS:6.1

WP Sticky Social plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the ~/admin/views/admin.php script. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-26013 CVSS:5.9

Strong Testimonials Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DIAE_dmdsetHandler.ashx. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25963 CVSS:5.9

JS Job Manager Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-25974 CVSS:5.9

Simple Slug Translate plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-26515 CVSS:5.9

Simple Slug Translate plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-26527 CVSS:5.9

Debug Assistant Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-26537 CVSS:5.9

WP No External Links Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-26541 CVSS:5.9

asMembe Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

Impact

  • Data Manipulation
  • Security Bypass
  • Cross-site Scripting

Indicators Of Compromise

CVE

  • CVE-2023-3197
  • CVE-2023-3325
  • CVE-2019-25152
  • CVE-2023-3388
  • CVE-2023-3387
  • CVE-2023-3320
  • CVE-2023-26013
  • CVE-2023-25963
  • CVE-2023-25974
  • CVE-2023-26515
  • CVE-2023-26527
  • CVE-2023-26537
  • CVE-2023-26541

Affected Vendors

WordPress

Affected Products

  • MStore API Plugin for WordPress 4.0.1
  • CMS Commander plugin for WordPress 2.287
  • CMS Commander plugin for WordPress 2.286
  • Beautiful Cookie Consent Banner plugin for WordPress 2.9.0W
  • Beautiful Cookie Consent Banner Plugin for WordPress 2.10.1
  • Lana Text to Image plugin for WordPress 0.9.9
  • Lana Text to Image plugin for WordPress 1.0.0
  • WP Sticky Social plugin for WordPress 1.0.0
  • Strong Testimonials Plugin for WordPress 3.0.2W
  • wp2syslog Plugin for WordPress 1.0.5
  • Simple Slug Translate Plugin for WordPress 2.7.2
  • WP No External Links Plugin for WordPress 1.0.2
  • asMember Plugin for WordPress 1.5.4

Remediation

Upgrade to the latest version of WordPress Plugins, available from the WordPress Plugin Directory. 

CVE-2023-3197

CVE-2023-3325

CVE-2023-3388

CVE-2023-3387

CVE-2023-3320

CVE-2023-26013

CVE-2023-25963

CVE-2023-25974

CVE-2023-26515

CVE-2023-26527

CVE-2023-26537

CVE-2023-26541