Privacy Ninja

Ironic twist: WP Reset PRO Bug Lets Hackers Wipe WordPress Sites

A high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers.

It impacts only premium versions of the WP Reset plugin, up to and including the 5.98 release. This plugin is designed to help admins reset their entire site or selected parts to speed up debugging and testing, as well as restore from built-in snapshots with a single mouse click.

WP Reset’s free and open-source version is listed in the WordPress plugin repository as having over 300,000 active installations. The developer claims on the official website that the number of users has surpassed 400,000.

Patchstack CTO Dave Jong explained that the authenticated database reset vulnerability (tracked as CVE-2021-36909) is caused by a lack of authorization and nonce token check and can be exploited by any authenticated user, including low-privileged users such as subscribers.

Exploitation only requires passing a query parameter like “%%wp” to delete all tables in the database with the prefix wp. The attacker can then visit the website’s homepage to go through the WordPress installation process and create their own administrator account.

“It would wipe the site and would make it obvious that something happened, which is why it may not be exploited if a hacker has the intention to hide a backdoor or inject advertisements into the site,” Jong told BleepingComputer.

The plugin registers a few actions in the admin_action_* scope. In the case of this vulnerability, it’s admin_action_wpr_delete_snapshot_tables. Unfortunately, the admin_action_* scope does not perform a check to determine if the user is authorized to perform said action, nor does it validate or check a nonce token to prevent CSRF attacks. — Dave Jong

Critical issue for sites allowing open user registration

Subscriber is one of the default WordPress user roles (alongside Contributor, Author, Editor, and Administrator), and it is often enabled so that registered users can post comments on a site. Subscribers can typically only edit their own profile in the site’s dashboard and have no access to the other admin pages.

Patchstack CEO Oliver Sild told BleepingComputer that the bug is “quite critical especially to e-commerce and other sites that have any registration open.”

While at first sight this bug seems useful only for destructive purposes, Sild told BleepingComputer that it could also be exploited to gain access to other sites hosted on the same server.

“If there is an old site forgotten to a subdirectory (we see that a lot) that has that plugin installed and the server environment is connected, then this would allow getting access to other sites in the same environment,” Sild said. “It’s a quite destructive vulnerability in its nature.”

The development team fixed the bug with the release of WP Reset PRO 5.99 on September 28, within 24 hours of Patchstack’s disclosure, by adding an authentication and authorization check to the affected action handler.
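As an added defensive example (not WP Reset’s own code), the handler below shows how a plugin’s admin_action_* hook can enforce the two checks Jong describes as missing: a capability check and a nonce check. The hook name, the hyp_ function names and the hyp_reset_tables() routine are hypothetical.

```php
<?php
// Added example, not WP Reset's own code. Names prefixed hyp_ are hypothetical.
// WordPress fires admin_action_{action} from wp-admin/admin.php for any
// logged-in user, so the handler itself must authorize the caller and verify
// a nonce; registering the hook guarantees neither.

// Link rendered on the plugin's settings page: wp_nonce_url() appends a
// _wpnonce value bound to the action name and the current user's session.
function hyp_delete_tables_url() {
    $url = add_query_arg( array( 'action' => 'hyp_delete_tables' ), admin_url( 'admin.php' ) );
    return wp_nonce_url( $url, 'hyp_delete_tables' );
}

function hyp_delete_tables_handler() {
    global $wpdb;

    // 1. Authorization: reject subscribers and every other role that lacks
    //    the capability (the check the vulnerable handler did not perform).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to reset this site.', 403 );
    }

    // 2. CSRF protection: dies with a 403 unless _wpnonce was issued for
    //    'hyp_delete_tables' to this user and is still within its lifetime.
    check_admin_referer( 'hyp_delete_tables' );

    // 3. Never take the table prefix from the request. Use the site's own
    //    prefix and escape it for LIKE so '_' and '%' are matched literally,
    //    keeping a caller-supplied wildcard pattern out of the query entirely.
    $like   = $wpdb->esc_like( $wpdb->prefix ) . '%';
    $tables = $wpdb->get_col( $wpdb->prepare( 'SHOW TABLES LIKE %s', $like ) );

    // Hand the vetted list to the plugin's own reset routine (hypothetical).
    hyp_reset_tables( $tables );

    wp_safe_redirect( admin_url( 'admin.php?page=hyp-reset&reset=done' ) );
    exit;
}
add_action( 'admin_action_hyp_delete_tables', 'hyp_delete_tables_handler' );
```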
