Brutal WordPress Plugin Bug Allows Subscribers To Wipe Sites

A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites.

The plugin in question, known as Hashthemes Demo Importer, is designed to help admins import demos for WordPress themes with a single click, without dealing with installing any dependencies.

The security bug would allow authenticated attackers to reset WordPress sites and delete almost all database content and uploaded media.

Wordfence QA engineer and threat analyst Ram Gall explained that the plugin failed to properly perform nonce checks, leaking the AJAX nonce on vulnerable sites’ admin dashboard for all users, “including low-privileged users such as subscribers.”

As a direct consequence of this bug, logged-in subscriber-level users could abuse it to wipe all the content on sites running unpatched versions of Hashthemes Demo Importer.

“While most vulnerabilities can have destructive effects, it would be impossible to recover a site where this vulnerability was exploited unless it had been backed up,” Gall added.

Any logged-in user could trigger the hdi_install_demo AJAX function and provide a reset parameter set to true, resulting in the plugin running its database_reset function. This function wiped the database by truncating every database table on the site except for wp_options, wp_users, and wp_usermeta. Once the database was wiped, the plugin would then run its clear_uploads function, which deleted every file and folder in wp-content/uploads. — Ram Gall
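The two missing checks described above (a nonce handed to every dashboard user, and no capability check before the destructive reset) are what a hardened WordPress AJAX handler has to enforce. The following is an added, illustrative example and not the plugin's own code: only the action name hdi_install_demo comes from the article; the script handle, option names and confirmation field are assumed.

```php
<?php
// Illustrative hardened handler for a destructive admin AJAX action.
// Added example, not the Hashthemes Demo Importer source. The action name
// "hdi_install_demo" is from the article; "hdi-admin", "hdiAjax" and
// "confirm_reset" are assumed names used only for this illustration.

// The leak in the article: the nonce was printed into the admin dashboard for
// every logged-in user. Hand it out only to users allowed to run the action.
add_action( 'admin_enqueue_scripts', function () {
    if ( ! current_user_can( 'manage_options' ) ) {
        return; // subscribers, contributors, etc. never receive the nonce
    }
    wp_localize_script( 'hdi-admin', 'hdiAjax', array(
        'nonce' => wp_create_nonce( 'hdi_install_demo' ),
    ) );
} );

add_action( 'wp_ajax_hdi_install_demo', 'hdi_install_demo_handler' );

function hdi_install_demo_handler() {
    // 1. Nonce check: blocks CSRF and any request lacking a valid nonce.
    //    check_ajax_referer() calls wp_die() on failure.
    check_ajax_referer( 'hdi_install_demo', 'nonce' );

    // 2. Capability check: a nonce proves intent, not authorisation. Even a
    //    leaked nonce is useless to a subscriber once this check is in place.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // 3. The destructive path needs an explicit confirmation, not only
    //    reset=true in the request.
    $reset = isset( $_POST['reset'] ) && 'true' === $_POST['reset'];
    if ( $reset && empty( $_POST['confirm_reset'] ) ) {
        wp_send_json_error( 'reset requires explicit confirmation', 400 );
    }

    // Only after all three checks would a plugin truncate tables or clear
    // wp-content/uploads; the import itself is out of scope for this example.
    wp_send_json_success( array( 'reset' => $reset ) );
}
```

Both wp_send_json_error() and check_ajax_referer() terminate the request on failure, so no code after a failed check runs.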

Subscriber, one of the types of users who could wipe vulnerable sites, is a default WordPress user role (just as Contributor, Author, Editor, and Administrator) often enabled on WordPress sites to allow registered users to write comments on the website’s comment section.

They would typically only be able to edit their profile using the site’s dashboard without access to other admin pages.

While Wordfence reported the bug to the plugin’s development team on August 25, 2021, the developers did not reply to the disclosure messages for almost a month.

This prompted Wordfence to reach out to the WordPress plugins team on September 20, which led to the plugin’s removal the same day and the release of a patch addressing the bug four days later, on September 24.

However, Hashthemes Demo Importer’s developer did not mention the 1.1.2 release or the update on the plugin’s changelog page despite releasing a security update.
