Researchers find “severe” flaw in WordPress plugin with 1 million installs

SQL injection bug in post published Monday. “If you’re using a vulnerable variation of this plugin, upgrade as soon as possible.”

To exploit the vulnerability, opponents would have to produce a function discovered in the PHP programming language referred to as the $container_ids string. Untrusted visitors might attain this versus websites that use the NextGEN Basic TagCloud gallery feature by making slight modifications to the gallery URL.

“With this understanding, an unauthenticated enemy could add extra sprintf/printf regulations to the SQL question and utilize $wpdb->> prepare’s habits to add assailant regulated code to the executed query,” Monday’s blog site post explained.For the attack to work, a site would have to be established to allow users to send posts to be evaluated. An assaulter could create an account on the site and submit a post which contains malformed NextGEN Gallery shortcodes.Mihajloski also explained a scenario under which privileged confirmed users might perform the attack.Sucuri has actually designated a severity score of 9 from a possible 10 points to the vulnerability, which was fixed in version 2.1.79 of the plugin. The< a href= upgrade changelog makes no referral to the vulnerability, so it's not clear how widely known the risk is. As Sucuri notes, site administrators who count on NextGEN Gallery must install the fix right away.


Written by 

Related posts