
Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-49769 CVSS: 4.3

Integrate Google Drive Plugin for WordPress is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-49744 CVSS: 5.4

Gift Up Gift Cards for WordPress and WooCommerce Plugin for WordPress is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-49766 CVSS: 7.1

Ultimate Addons for Contact Form 7 plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-6316 CVSS: 9.8

MW WP Form Plugin for WordPress could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions when the “Saving inquiry data in database” option is enabled. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.

CVE-2023-49771 CVSS: 7.1

Smart External Link Click Monitor Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-47521 CVSS: 7.1

Q2W3 Post Order Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-6553 CVSS: 9.8

Backup Migration plugin for WordPress could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in /includes/backup-heart.php file. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-47871 CVSS: 8.8

Contact Form to Any API plugin for WordPress is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-48287 CVSS: 8.8

TextMe SMS plugin for WordPress is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-48777 CVSS: 8.8

Elementor Website Builder plugin for WordPress could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the template import function. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.

CVE-2023-47548 CVSS: 4.7

Integrate Google Drive Plugin for WordPress could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites.

CVE-2023-5761 CVSS: 9.8

Burst Statistics plugin for WordPress and Burst Statistics Pro plugin for WordPress are vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements using the url parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
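The two entries above describe an injectable `url` parameter and an open redirect. As an added illustration (hypothetical handlers, not code from Burst Statistics, Integrate Google Drive or any other plugin in this advisory), the following shows each unsafe pattern beside the WordPress API that mitigates it; the table and option names are assumptions.

```php
<?php
// Added example: hypothetical plugin handlers, not code from any plugin named
// in the advisory. Table name "example_views" and the parameter names are assumed.

// --- SQL injection through a request parameter used in a query ---

// Unsafe: the raw "url" value is concatenated into the statement, so the
// parameter can change the query's structure.
function example_page_views_unsafe( $wpdb, $url ) {
    $sql = "SELECT COUNT(*) FROM {$wpdb->prefix}example_views WHERE url = '" . $url . "'";
    return $wpdb->get_var( $sql );
}

// Hardened: $wpdb->prepare() binds the value through a %s placeholder, so it
// can only ever be compared as data.
function example_page_views_safe( $wpdb, $url ) {
    $url = esc_url_raw( wp_unslash( $url ) );
    $sql = $wpdb->prepare(
        "SELECT COUNT(*) FROM {$wpdb->prefix}example_views WHERE url = %s",
        $url
    );
    return (int) $wpdb->get_var( $sql );
}

// --- Open redirect through a "redirect_to" parameter ---

// Unsafe: any absolute URL is accepted, so a victim can be sent to an
// arbitrary site under the plugin's own domain of trust.
function example_after_action_redirect_unsafe() {
    $target = isset( $_GET['redirect_to'] ) ? $_GET['redirect_to'] : home_url();
    wp_redirect( $target );
    exit;
}

// Hardened: wp_validate_redirect() keeps only hosts on the allowed_redirect_hosts
// list (the site itself by default) and otherwise returns the fallback;
// wp_safe_redirect() applies the same check again before sending the header.
function example_after_action_redirect_safe() {
    $target = isset( $_GET['redirect_to'] ) ? wp_unslash( $_GET['redirect_to'] ) : '';
    $target = wp_validate_redirect( $target, home_url() );
    wp_safe_redirect( $target );
    exit;
}
```

When reviewing a plugin for either class, grep for string-built SQL passed to `$wpdb->query`/`get_results`/`get_var` without `prepare()`, and for `wp_redirect()` (rather than `wp_safe_redirect()`) fed from `$_GET`, `$_POST` or `$_REQUEST`.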

CVE-2023-6219 CVSS: 7.2

BookingPress Plugin for WordPress could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the bookingpress_process_upload function. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.
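Three entries in this advisory (MW WP Form, Elementor, BookingPress) come down to the same defect: the extension of an uploaded file is not properly validated before it is written under the web root. The following added example (hypothetical handler, not code from any of those plugins; the allowed type list is an assumption) contrasts a deny-list check with the allow-list pattern built on WordPress's own upload helpers.

```php
<?php
// Added example: a hypothetical upload handler, not code from any plugin in
// the advisory. $file is one entry of $_FILES; capability and nonce checks
// are assumed to have run before this point.
require_once ABSPATH . 'wp-admin/includes/file.php';

// Unsafe: a deny-list keyed on the client-supplied name. It misses every
// server-executable extension not on the list and keeps the attacker's
// filename, which is exactly how a PHP script ends up reachable over HTTP.
function example_handle_upload_unsafe( $file ) {
    $blocked = array( 'php' );
    $ext     = strtolower( pathinfo( $file['name'], PATHINFO_EXTENSION ) );
    if ( in_array( $ext, $blocked, true ) ) {
        return new WP_Error( 'blocked', 'Extension not allowed' );
    }
    $dest = wp_upload_dir()['basedir'] . '/' . $file['name'];
    move_uploaded_file( $file['tmp_name'], $dest );
    return $dest;
}

// Hardened: allow-list only the types the feature needs, have WordPress verify
// that extension and file content agree, and let the server choose the name.
function example_handle_upload_safe( $file ) {
    $allowed = array(            // assumption: what this hypothetical form accepts
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'pdf'      => 'application/pdf',
    );

    // Inspects the real content; 'ext'/'type' are empty when the file does not
    // match one of the allowed types or its extension disagrees with its content.
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        return new WP_Error( 'invalid_type', 'File type not allowed' );
    }

    $overrides = array(
        'test_form' => false,     // not coming from the media-library form
        'mimes'     => $allowed,  // same allow-list enforced again inside WP
        'unique_filename_callback' => function ( $dir, $name, $ext ) {
            // $ext already carries the leading dot; discard the client's name.
            return wp_generate_password( 20, false ) . $ext;
        },
    );
    $result = wp_handle_upload( $file, $overrides );
    if ( isset( $result['error'] ) ) {
        return new WP_Error( 'upload_failed', $result['error'] );
    }
    return $result['file'];   // absolute path of the stored file
}
```

As a detection aid for sites that cannot patch immediately, new `.php` (or other executable) files appearing under `wp-content/uploads/` are a strong signal, and serving that directory with script execution disabled at the web server limits the impact of a bypass.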

CVE-2023-48752 CVSS: 7.1

Happyforms plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
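The four CSRF entries (Integrate Google Drive, Gift Up, Contact Form to Any API, TextMe SMS) and the four XSS entries (Ultimate Addons for Contact Form 7, Smart External Link Click Monitor, Q2W3 Post Order, Happyforms) all stem from the same two missing controls: a request-origin check on state-changing actions and escaping of user-supplied values on output. The following added example (a hypothetical settings handler, not code from any plugin in this advisory; option, action and field names are assumptions) shows both defects and the WordPress idioms that close them.

```php
<?php
// Added example: hypothetical plugin code, not taken from any plugin in the
// advisory. Names "example_*" and the "banner_text"/"q" parameters are assumed.

// Unsafe: any POST carrying banner_text updates the option, so a victim's
// browser can be made to submit it from a third-party page (CSRF), and the
// stored value is later echoed without escaping (stored XSS).
function example_save_banner_unsafe() {
    if ( isset( $_POST['banner_text'] ) ) {
        update_option( 'example_banner_text', $_POST['banner_text'] );
    }
}
function example_render_banner_unsafe() {
    echo '<div class="banner">' . get_option( 'example_banner_text' ) . '</div>';
}
// Unsafe reflected case: a URL parameter echoed straight into the page.
function example_render_search_unsafe() {
    echo '<input name="q" value="' . $_GET['q'] . '">';
}

// Hardened form: the nonce field ties the submission to this action and user.
function example_banner_form() {
    echo '<form method="post">';
    wp_nonce_field( 'example_save_banner', 'example_nonce' );
    echo '<input type="text" name="banner_text" value="'
        . esc_attr( get_option( 'example_banner_text', '' ) ) . '">';
    echo '<button type="submit">Save</button></form>';
}

// Hardened handler: verify the nonce, require a capability, sanitise on input.
function example_save_banner_safe() {
    if ( ! isset( $_POST['banner_text'] ) ) {
        return false;
    }
    $nonce = isset( $_POST['example_nonce'] )
        ? sanitize_text_field( wp_unslash( $_POST['example_nonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'example_save_banner' ) ) {
        return false;   // request did not originate from the form above
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        return false;   // authenticated but not authorised
    }
    update_option( 'example_banner_text',
        sanitize_text_field( wp_unslash( $_POST['banner_text'] ) ) );
    return true;
}

// Hardened output: escape for the context the value lands in.
function example_render_banner_safe() {
    echo '<div class="banner">' . esc_html( get_option( 'example_banner_text', '' ) ) . '</div>';
}
function example_render_search_safe() {
    $q = isset( $_GET['q'] ) ? sanitize_text_field( wp_unslash( $_GET['q'] ) ) : '';
    echo '<input name="q" value="' . esc_attr( $q ) . '">';
}

add_action( 'admin_init', 'example_save_banner_safe' );
```

Note that a nonce alone is not an authorisation check: `wp_verify_nonce()` proves the request came from a page the site rendered for that user, while `current_user_can()` decides whether that user may perform the action. Both are needed, which is why the advisory's CSRF entries still matter even where the victim must be authenticated.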

Impact

  • Cross-Site Scripting
  • Code Execution
  • Gain Access

Indicators Of Compromise

CVE

  • CVE-2023-49769
  • CVE-2023-49744
  • CVE-2023-49766
  • CVE-2023-6316
  • CVE-2023-49771
  • CVE-2023-47521
  • CVE-2023-6553
  • CVE-2023-47871
  • CVE-2023-48287
  • CVE-2023-48777
  • CVE-2023-47548
  • CVE-2023-5761
  • CVE-2023-6219
  • CVE-2023-48752

Affected Vendors

WordPress

Affected Products

  • Integrate Google Drive Plugin for WordPress 2.2.24
  • Gift Up Gift Cards for WordPress and WooCommerce Plugin for WordPress 2.21.3
  • Themefic Ultimate Addons for Contact Form 7 plugin for WordPress 3.2.0
  • MW WP Form Plugin for WordPress 5.0.1
  • Smart External Link Click Monitor Plugin for WordPress 5.0.2
  • Q2W3 Post Order Plugin for WordPress 1.2.8
  • Backup Migration plugin for WordPress 1.3.7
  • Contact Form to Any API plugin for WordPress 1.1.6
  • TextMe SMS plugin for WordPress 1.9.0
  • Elementor Elementor Website Builder plugin for WordPress 3.18.1
  • Integrate Google Drive Plugin for WordPress 1.3.2
  • Burst Statistics plugin for WordPress 1.4.0
  • Burst Statistics Pro plugin for WordPress 1.4.0
  • BookingPress plugin for WordPress 1.0.30
  • Happyforms plugin for WordPress 1.21.0
  • Happyforms plugin for WordPress 1.20.0

Remediation

Refer to WordPress Plugin Directory for patch, upgrade, or suggested workaround information.

  • CVE-2023-49769
  • CVE-2023-49744
  • CVE-2023-49766
  • CVE-2023-6316
  • CVE-2023-49771
  • CVE-2023-47521
  • CVE-2023-6553
  • CVE-2023-47871
  • CVE-2023-48287
  • CVE-2023-48777
  • CVE-2023-47548
  • CVE-2023-5761
  • CVE-2023-6219
  • CVE-2023-48752