
In a never-ending quest to get webmasters to think about WordPress security, here is the latest update from the U.S. Department of Homeland Security's National Cyber Awareness System. Five new vulnerabilities were disclosed in four plugins in the WordPress ecosystem over the past couple of weeks, and all of them are cross-site scripting (XSS) flaws. The two vulnerabilities in the UltimateMember 2.0 plugin both stem from a failure to sanitize user input, one in its file-upload handler and one in its image-upload handler. CVSS severities for these issues had not yet been calculated as of this writing.

Bottom line: If you are using any of these plugins, please make sure they are updated.

Vulnerable WordPress Plugins:


Links to Patches for WordPress Vulnerabilities:

U.S. Department of Homeland Security US-CERT


SB18-057: Vulnerability Summary for the Week of February 19, 2018

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| wordpress — wordpress | Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors. | 2018-02-19 | not yet calculated | CVE-2015-2324 (MISC, CONFIRM) |
| wordpress — wordpress | core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable. | 2018-02-16 | not yet calculated | CVE-2018-6944 (MISC) |
| wordpress — wordpress | The Ninja Forms plugin before 3.2.14 for WordPress has XSS. | 2018-02-21 | not yet calculated | CVE-2018-7280 (CONFIRM) |
| wordpress — wordpress | core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable. | 2018-02-16 | not yet calculated | CVE-2018-6943 (MISC) |
| wordpress — wordpress | Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js. | 2018-02-11 | not yet calculated | CVE-2018-6891 (MISC, MISC) |
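To turn the "make sure they are updated" advice into a repeatable check, here is an added example (not part of the bulletin or the blog post) that reads the standard `Plugin Name:` / `Version:` header of each plugin's main PHP file and compares it against the fixed versions listed in the table above. The `Plugin Name` strings, the treatment of UltimateMember as the whole 2.0.x line, and the sample headers are assumptions constructed for the example.

```python
import re

# Fixed versions taken from the SB18-057 rows above. UltimateMember 2.0 is listed
# without a fixed release, so any 2.0.x install is flagged for manual review
# (assumption). The "Plugin Name" strings assume what each main file declares.
FIXED_VERSIONS = {
    "Photo Gallery": "1.2.13",  # CVE-2015-2324
    "Ninja Forms": "3.2.14",    # CVE-2018-7280
    "Bookly": "14.5",           # CVE-2018-6891
}
NO_FIX_LISTED = {"Ultimate Member": "2.0"}  # CVE-2018-6943, CVE-2018-6944

# Matches header lines in either "/* Key: value */" or " * Key: value" comment style.
HEADER_RE = re.compile(r"^\s*\*?\s*(Plugin Name|Version):\s*(.+?)\s*$", re.M)

def parse_plugin_header(php_source: str) -> dict:
    """Extract 'Plugin Name' and 'Version' from a WordPress plugin header comment."""
    return dict(HEADER_RE.findall(php_source))

def version_tuple(version: str) -> tuple:
    """Turn '1.2.13' into (1, 2, 13); non-numeric suffixes such as '-beta' are ignored."""
    return tuple(int(part) for part in re.findall(r"\d+", version))

def is_vulnerable(name: str, version: str) -> bool:
    """True when the installed version is below the bulletin's fixed version, or when
    the plugin has a listed flaw with no fix version yet (UltimateMember 2.0.x)."""
    if name in NO_FIX_LISTED and version_tuple(version)[:2] == version_tuple(NO_FIX_LISTED[name]):
        return True
    fixed = FIXED_VERSIONS.get(name)
    return fixed is not None and version_tuple(version) < version_tuple(fixed)

def audit(plugin_sources: dict) -> list:
    """plugin_sources maps a plugin directory name to the text of its main PHP file.
    Returns (directory, plugin name, version) for every plugin needing an update or review."""
    flagged = []
    for directory, source in plugin_sources.items():
        header = parse_plugin_header(source)
        name, version = header.get("Plugin Name", ""), header.get("Version", "0")
        if is_vulnerable(name, version):
            flagged.append((directory, name, version))
    return flagged

# Constructed sample plugin headers standing in for wp-content/plugins/*/ main files.
SAMPLE_PLUGINS = {
    "photo-gallery": "<?php\n/*\nPlugin Name: Photo Gallery\nVersion: 1.2.12\n*/\n",
    "ninja-forms": "<?php\n/**\n * Plugin Name: Ninja Forms\n * Version: 3.2.14\n */\n",
    "ultimate-member": "<?php\n/*\nPlugin Name: Ultimate Member\nVersion: 2.0.1\n*/\n",
    "bookly": "<?php\n/*\nPlugin Name: Bookly\nVersion: 14.4\n*/\n",
}
```

On a real site, build the `audit()` input by reading the main PHP file of each directory under wp-content/plugins; Ninja Forms at 3.2.14 is the only sample that passes.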


For More Information:

A History of WordPress Security Exploits and What They Mean – WPMU DEV

WPScan Vulnerability Database

WordPress Core Vulnerability Database