The Jetpack Scan group has revealed a abstract of two points not too long ago found within the WP Quickest Cache plugin – an Authenticated SQL Injection vulnerability and a Saved XSS Through CSRF vulnerability.
“If exploited, the SQL Injection bug may grant attackers entry to privileged data from the affected web site’s database (e.g., usernames and hashed passwords),” Automattic safety analysis engineer Marc Montpas stated. This explicit vulnerability can solely be exploited on websites the place the Basic Editor plugin is each put in and activated.
“Efficiently exploiting the CSRF and Saved XSS vulnerability may allow dangerous actors to carry out any motion the logged-in administrator they focused is allowed to do on the focused web site,” Montpas stated. He additionally discovered that attackers may “abuse a few of these choices to retailer rogue Javascript on the affected web site.”
WP Quickest Cache is energetic on greater than 1 million WordPress websites, and the plugin additionally studies 58,322 paid customers. Emre Vona, the plugin’s creator, patched the vulnerabilities in model 0.9.5, launched this week. Jetpack recommends customers replace as quickly as attainable, as each vulnerabilities have a excessive technical impression if exploited.