Feeds

Flaws open gates to WordPress en-masse SEO beat-down

Call for patching bound to fall on deaf ears.

Protecting against web application threats using SSL

Wordpress sites running the popular All in One SEO Pack plugin could have search rankings beaten down by readers and malicious code injected into pages due to dangerous vulnerabilities patched yesterday.

The flaws allowed hackers to launch privilege escalation and cross site scripting attacks against vulnerable sites running old versions below 2.1.6. The plugin has been downloaded nearly 19 million times.

Securi web dev and security analyst Marc-Alexandre Montpas disclosed the flaws found during a code audit to plugin developers and urged users to upgrade.

"If your site has subscribers, authors and non-admin users logging in to wp-admin ... if you have open registration, you are at risk," Montpas said in a post.

"In the first case, a logged-in user, without possessing any kind of administrative privileges could add or modify certain parameters used by the plugin [including] the post’s SEO title, description and keyword meta tags.

"... we also discovered this bug can be used with another vulnerability to execute malicious Javascript code on an administrator’s control panel [which] means that an attacker could potentially inject any JavaScript code and do things like changing the admin’s account password to leaving some backdoor in your website’s files in order to conduct even more 'evil' activities later."

The plugin was used to easily configure WordPress sites for search engine optimisation including link and meta tag generation.

The flaws were some of a laundry list affecting WordPress plugins which users often failed to patch.

In March, security firm Netcraft said it detected hacked WordPress blogs used to launch 12,000 phishing attacks in February alone. Many of the 27 million WordPress sites were vulnerable to brute force password attacks due to the "predictable location of the administrative interface and the still widespread use of the default 'admin' username", it said.

TimThumb was the most infamous vulnerable plugin in recent history. The image resizing utility allowed attackers to execute arbitrary PHP code in the image directory which facilitated the foisting of malware such as the defunct BlackHole exploit kit on many thousands of WordPress websites. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.