
XSS Vulnerability Affecting Multiple WordPress Plugins


  • mcpeanut
    Participant

    @mcpeanut

    Hi all, I don't know how widespread this is and if it affects anything BuddyPress related. If this has been posted in the last week or so I apologize, as I haven't been around. This was just brought to my attention via an email from CodeCanyon, where I have a few premium plugins.

    The article below was published on the 20th of April at Security Advisor.

    Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are popular functions used by developers to modify and add query strings to URLs within WordPress.

    The official WordPress documentation (Codex) for these functions was not very clear and misled many plugin developers to use them in an insecure way. The developers assumed that these functions would escape the user input for them, when they do not. This simple detail caused many of the most popular plugins to be vulnerable to XSS.

    To date, this is the list of affected plugins:

    Jetpack
    WordPress SEO
    Google Analytics by Yoast
    All in One SEO
    Gravity Forms
    Multiple Plugins from Easy Digital Downloads
    UpdraftPlus
    WP-E-Commerce
    WPTouch
    Download Monitor
    Related Posts for WordPress
    My Calendar
    P3 Profiler
    Give
    Multiple iThemes products including Builder and Exchange
    Broken-Link-Checker
    Ninja Forms

    This is a link to the article:
    https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html
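    As an added illustration of the advisory's point (example code, not from the thread or from Sucuri): with no URL argument, add_query_arg() builds on the current request URI, so its return value is request-controlled and has to be escaped for the context it is printed in. The function_exists() stand-ins are simplified imitations of the WordPress functions, assumed only so the file also runs under plain `php` outside WordPress.

```php
<?php
// Added example, not code from the thread or the advisory.
// Inside WordPress the real add_query_arg()/esc_url() are used; the stand-ins
// below are simplified imitations so this file also runs with plain `php`.

if (!function_exists('add_query_arg')) {
    // Like the real helper: with no URL given it starts from REQUEST_URI,
    // i.e. from request-controlled input, and returns it UNESCAPED.
    function add_query_arg(array $args, $url = null) {
        $url = $url ?? ($_SERVER['REQUEST_URI'] ?? '/');
        $sep = (strpos($url, '?') === false) ? '?' : '&';
        return $url . $sep . http_build_query($args);
    }
}
if (!function_exists('esc_url')) {
    // Simplified stand-in: HTML-escape for use inside an attribute value.
    // (The real esc_url() also validates the scheme and strips control chars.)
    function esc_url($url) {
        return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    }
}

// VULNERABLE pattern from the advisory: the developer assumed add_query_arg()
// escapes, so its request-derived result lands in the href verbatim and a
// quote in the request URI terminates the attribute early.
function paginate_link_vulnerable($page) {
    return '<a href="' . add_query_arg(['paged' => $page]) . '">Next</a>';
}

// HARDENED form: escape at the point of output, for the attribute context.
function paginate_link_hardened($page) {
    return '<a href="' . esc_url(add_query_arg(['paged' => $page])) . '">Next</a>';
}

// Constructed request URI containing an attribute-breaking double quote.
$_SERVER['REQUEST_URI'] = '/shop/?s=1" data-x="';
echo "vulnerable: ", paginate_link_vulnerable(2), "\n"; // href ends at the quote
echo "hardened:   ", paginate_link_hardened(2), "\n";   // quote is &quot;
```

    A quick audit for the same defect is to grep a plugin for add_query_arg( and remove_query_arg( and confirm every echoed result is wrapped in esc_url() or esc_attr().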

Viewing 6 replies - 1 through 6 (of 6 total)

  • danbp
    Participant

    @danbp

    Thank you for the information.
    BP devs already handled this issue.

    BuddyPress 2.2.3 – Security Release

    Latest updates available:
    WordPress 4.2 & BuddyPress 2.2.3.1 & bbPress 2.5.7

    As usual, you're invited to update your install as soon as a security version is available.


    mcpeanut
    Participant

    @mcpeanut

    Ahh cool Dan, I wasn't aware as I've been offline for the past week or so traveling, bud. Cheers for the link.


    mcpeanut
    Participant

    @mcpeanut

    @danbp Hey Dan, there seems to also be a very big risk with the WordPress commenting system that I have come across from various WordPress expert groups on FB today, and I believe that WordPress are refusing communication on this matter. Please take a look at these 2 links; this could affect anyone using the commenting system with BuddyPress installs too.

    Below is a fix that has been found:

    https://blog.anantshri.info/temp_fix_wordpress_comment_xss

    And this is a video showing you the 0-day exploit being executed, used and tested.

    The video doesn't seem to format here properly; I suggest doing a YouTube search for it.


    danbp
    Participant

    @danbp

    Thanks @mcpeanut,

    By default, WordPress is automatically updated when a security release is committed.
    All my sites are already patched.
    Probably yours also. 😉

    If you're a network user, sub sites ARE NOT automatically updated, so you have to check this manually. Normally this is mentioned on your network dashboard.


    mcpeanut
    Participant

    @mcpeanut

    @danbp Yes, I'm always bang up to date, pal; it just isn't worth the risk. I was just posting this as a warning really, to those who don't seem to think they have to update, and the video may just make them think twice 🙂


    Henry Wright
    Moderator

    @henrywright

    Hey @mcpeanut!

    The pandemonium is rarely related to WordPress core or BuddyPress core (the core devs usually issue a fix before we even know there’s a problem). So it’s a great idea to keep up to date as you’ve already mentioned.

    The tricky part arrives when we look at plugins. Whilst WordPress does everything it can to make plugin developers aware of security issues, fixes are ultimately down to the plugin author. It's always a good idea to use plugins that are actively maintained and supported. The same could be said for themes actually.
