Vulnerabilities in WordPress Core, Plugins and Themes
- July 19, 2021
- November 5, 2020
WordPress vulnerability information has moved to the newsletter.
Each week you will receive information on the WordPress vulnerabilities found that week.
Plugins
02/18/2021-02/25/2021
- eCommerce Product Catalog < 3.0.18 – CSRF Nonce Bypass
- Better Search < 2.5.3 – CSRF Nonce Bypass in Import/Export
- Process Steps Template Designer < 1.3 – CSRF to Stored Cross-Site Scripting (XSS)
- Custom Banners < 3.3 – CSRF Nonce Bypass in saveCustomFields
- Backup Guard < 1.6.0 – Authenticated Arbitrary File Upload
- Testimonial Rotator <= 3.0.3 – Authenticated Stored Cross-Site Scripting
- QuadMenu < 2.0.7 – Unauthenticated RCE via compiler_save
- WP Content Plus < 3.2 – CSRF Nonce Bypass
- Photo Gallery by 10web < 1.5.69 – Reflected Cross-Site Scripting (XSS)
- YITH WooCommerce Gift Cards Premium < 3.3.1 – RCE via Arbitrary File Upload
02/09/2021-02/17/2021
- All In One WP Security & Firewall < 4.4.6 – Authenticated Cross-Site Scripting (XSS)
- Responsive Menu < 4.0.4 – CSRF to Arbitrary File Upload
- Map Block for Google Maps < 1.32 – Unauthorised Google API Key change
- Post SMTP Mailer/Email Log < 2.0.21 – CSRF Nonce Bypass
- Theme Editor < 2.6 – Authenticated Arbitrary File Download
- Zebra_Form Library <= 2.9.8 – Reflected Cross-Site Scripting (XSS)
02/01/2021-02/08/2021
- Contact Form 7 Style <= 3.1.9 – Cross-Site Request Forgery to Stored Cross-Site Scripting
- Ultimate GDPR & CCPA Compliance Toolkit < 2.5 – Unauthenticated Plugin Settings Export and Import
- Name Directory < 1.18 – Cross-Site Request Forgery (CSRF)
- Paid Membership Pro < 2.5.3 – Unauthorised Order Information Disclosure
- Like Button Rating < 2.6.32 – Unauthenticated Full-Read SSRF
- NextGen Gallery < 3.5.0 – CSRF allows File Upload
- NextGen Gallery < 3.5.0 – CSRF allows File Upload, Stored XSS, and RCE
- Ultimate Maps by Supsystic <= 1.1.14 – Authenticated SQL Injection
- Pricing Table by Supsystic <= 1.8.8 – Authenticated SQL Injection
- Pricing Table by Supsystic <= 1.8.8 – Authenticated Stored Cross-Site Scripting
- Newsletter by Supsystic <= 1.5.6 – Authenticated SQL Injection
- Membership by Supsystic <= 1.5.0 – Authenticated SQL Injection
- Digital Publications by Supsystic <= 1.6.11 – Authenticated Stored Cross-Site Scripting (XSS)
- Digital Publications by Supsystic <= 1.6.11 – Authenticated Path Traversal
- Data Tables Generator by Supsystic <= 1.9.99 – Authenticated SQL Injection
- Data Tables Generator by Supsystic <= 1.9.99 – Authenticated Stored Cross-Site Scripting (XSS)
- Contact Form by Supsystic <= 1.7.8 – Authenticated SQL Injection
- Contact Form by Supsystic < 1.7.7 – Authenticated Stored Cross-Site Scripting (XSS)
- Backup by Supsystic <= 2.3.9 – Authenticated Arbitrary File Download and Deletion
- WP Amour < 1.5.7 – Authenticated Stored Cross-Site Scripting (XSS)
- Welcart e-Commerce < 2.1.1 – Authenticated SQL Injection
01/06/2021~01/12/2021
- Advanced Custom Fields < 5.8.12 – Cross-Site Scripting in Select2 dropdowns
- Elementor < 3.0.14 – SVG Upload Allowed by Default
- Modal Survey < 2.0.1.8.2 – Authenticated PHP Object Injection
- Modal Survey < 2.0.1.8.2 – Unauthenticated Arbitrary Survey Update, Deletion and Creation
- Modal Survey < 2.0.1.8.2 – Authenticated Reflected Cross-Site Scripting (XSS)
- Custom Global Variables <= 1.0.5 – Stored Cross-Site Scripting (XSS)
12/18/2020~12/23/2020
- Contact Form 7 < 5.3.2 – Unrestricted File Upload
- Simple Social Buttons < 3.2.1 – Unauthenticated Reflected Cross-Site Scripting
- Simple Social Buttons < 3.2.0 – Reflected Cross-Site Scripting
- Envira Gallery Lite < 1.8.3.3 – Authenticated Stored Cross-Site Scripting
12/10/2020~12/17/2020
- Redux Framework 4.1.22 – 4.1.23 – CSRF Nonce Validation Bypass
- Redux Framework < 4.1.21 – CSRF Nonce Validation Bypass
- Total Upkeep by BoldGrid <= 1.14.9 – Unauthenticated Backup Download
- Total Upkeep by BoldGrid <= 1.14.9 – Sensitive Data Disclosure (Server IP Address, UID etc)
- Directories Pro < 1.3.46 – Authenticated Self-Reflected Cross-Site Scripting
- Directories Pro < 1.3.46 – Authenticated Reflected Cross-Site Scripting
- Ultimate Category Excluder < 1.2 – Cross-Site Request Forgery
- Pagelayer < 1.3.5 – Multiple Reflected Cross-Site Scripting (XSS)
- DiveBook <= 1.1.4 – Unauthenticated SQL Injection
- DiveBook <= 1.1.4 – Unauthenticated Reflected XSS
- DiveBook <= 1.1.4 – Improper Authorisation Check
12/03/2020~12/09/2020
- Themify Portfolio Post < 1.1.6 – Authenticated Stored Cross-Site Scripting
- Easy WP SMTP < 1.4.3 – Debug Log Disclosure
11/27/2020~12/02/2020
- Profile Builder & Profile Builder Pro < 3.3.3 – Authenticated Blind SQL Injection
- Age Gate <= 2.13.4 – Unauthenticated Open Redirect
- BuddyPress < 6.4.0 – Lack of Capability Check on Profile Page
11/20/2020~11/26/2020
- Contextual Related Posts < 2.9.4 – CSRF Nonce Validation Bypass
- Anti-Spam by CleanTalk < 5.149 – Multiple Authenticated SQL Injections
- Weforms <= 1.4.7 – CSV Injection
- Easy Registration Forms <= 2.0.6 – CSV Injection
- Import and export users and customers < 1.16.3.6 – CSV Injection
- Secure File Manager – Authenticated Remote Command Execution
- Media Library Assistant < 2.90 – Authenticated Blind SQL Injection
- WP Google Map Plugin <= 4.1.3 – Authenticated SQL Injection
- Events Manager <= 5.9.8.1 – Authenticated Stored Cross-Site Scripting
- WPJobBoard < 5.7.0 – Unauthenticated SQL Injection
11/05/2020~11/19/2020
- Fancy Product Designer < 4.5.1
11/04/2020~11/12/2020
- Ultimate Member
10/22/2020~11/03/2020
- GDPR CCPA Compliance Support < 2.4
- AccessPress Social Icons < 1.8.1
- Advanced Booking Calendar < 1.6.2
- SW Ajax WooCommerce Search < 1.2.8