Menu
Flaw in WordPress caching plug-in could affect over 1 million sites

Flaw in WordPress caching plug-in could affect over 1 million sites

Attackers could exploit the vulnerability to inject malicious code into WP Super Cache admin pages, a researcher found

A vulnerability in the popular WP Super Cache plug-in for WordPress could allow attackers to inject malicious scripts into websites. The scripts, when loaded by administrators, could trigger unauthorized actions.

WordPress websites are a popular target for hackers and many of them are compromised due to plug-in vulnerabilities. Just on Tuesday, the FBI warned that attackers sympathetic to the extremist group ISIS -- also known as ISIL -- have defaced many websites by exploiting known vulnerabilities in WordPress plug-ins.

The persistent cross-site scripting (XSS) flaw in WP Super Cache can be exploited by sending a specifically crafted query to a WordPress website with the plug-in installed, according to Marc-Alexandre Montpas, a senior vulnerability researcher at Web security firm Sucuri.

The attack could be used to inject malicious scripts into a page that lists the files cached by the plug-in, and which is accessible only to administrators. As such, in order for the malicious code to be executed, the page must be viewed by an administrator.

"When executed, the injected scripts could be used to perform a lot of other things like adding a new administrator account to the site, injecting backdoors by using WordPress theme edition tools, etc.," Montpas, who found the vulnerability, said Tuesday in a blog post.

WP Super Cache can be used to optimize WordPress sites by converting dynamically generated pages into static HTML files that are then served to visitors. This can be very helpful for websites that receive a lot of traffic, because it reduces server resource and bandwidth consumption.

However, replacing PHP-generated pages with static, cached copies has its downfalls. The biggest one is that whenever there are changes to a page, the corresponding cached file needs to be regenerated.

As outlined in an older bug entry, after making tweaks to a page, administrators might need to look at the list of cached files to know which one to delete. So, the administrative action needed to exploit the vulnerability found by Montpas is not uncommon.

According to statistics from the official WordPress plug-in directory, the WP Super Cache plug-in has over one million active installations. In order to be protected, WordPress site owners should upgrade the plug-in to the latest version -- 1.4.4 at the time of this article.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags patchesintrusiononline safetysecuritySucuriExploits / vulnerabilities

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments