Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
June 29, 2023
Severity
High
Analysis Summary
CVE-2023-3197 CVSS:9.8
MStore API Plugin for WordPress is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the admin-ajax.php script using the ‘id’ parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
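The entry above describes a request parameter reaching a database query unchanged. The following PHP is an added example, not the MStore API plugin's code: it assumes WordPress is loaded (add_action, $wpdb, check_ajax_referer, absint and wp_send_json_* are WordPress APIs) and uses a hypothetical action name and table. The first handler shows the weak pattern; the second shows the checks a maintainer would want in place for an admin-ajax.php endpoint.

```php
<?php
// Added example, not the plugin's own code. Assumes WordPress is loaded.
// Hypothetical action 'example_get_item' and table {$wpdb->prefix}example_items.

// Weak pattern: the request's 'id' value is concatenated straight into the SQL
// string, so any non-numeric input changes the query's meaning.
function example_get_item_weak() {
    global $wpdb;
    $id  = $_REQUEST['id'];
    $sql = "SELECT * FROM {$wpdb->prefix}example_items WHERE id = " . $id;
    wp_send_json( $wpdb->get_results( $sql ) );
}

// Hardened pattern:
//  1. a nonce and a capability check gate the handler,
//  2. 'id' is coerced to a non-negative integer and validated,
//  3. the value reaches SQL only through $wpdb->prepare() with a %d placeholder,
//  4. only the columns the caller needs are selected.
function example_get_item_hardened() {
    global $wpdb;
    check_ajax_referer( 'example_get_item', 'nonce' );   // CSRF token for this action
    if ( ! current_user_can( 'read' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $id = isset( $_REQUEST['id'] ) ? absint( $_REQUEST['id'] ) : 0;
    if ( 0 === $id ) {
        wp_send_json_error( 'invalid id', 400 );
    }
    $sql = $wpdb->prepare(
        "SELECT id, name FROM {$wpdb->prefix}example_items WHERE id = %d",
        $id
    );
    wp_send_json_success( $wpdb->get_results( $sql ) );
}

// wp_ajax_{action} runs for logged-in users only; the wp_ajax_nopriv_{action}
// hook, which serves anonymous visitors, is deliberately not registered here.
add_action( 'wp_ajax_example_get_item', 'example_get_item_hardened' );
```

When reviewing a plugin for this class of bug, grep its wp_ajax_ and wp_ajax_nopriv_ registrations and confirm that every handler both authorises the caller and routes request values through $wpdb->prepare() rather than string concatenation.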
CVE-2023-3325 CVSS:8.1
CMS Commander plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by use of an insufficiently unique cryptographic signature in the cmsc_add_site function. An attacker could exploit this vulnerability to change the _cmsc_public_key in the plugin configurations.
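The advisory does not detail how the signature in cmsc_add_site falls short, only that it is not unique enough to stop a remote caller from installing a new key. The PHP below is an added example, not the CMS Commander plugin's code, and runs stand-alone without WordPress. It shows the properties a request signature for a site-registration call needs: it is bound to the full payload and a shared secret, carries a timestamp to reject replays, is compared in constant time, and the stored key cannot be silently overwritten through the same path. All names and the demo values are constructed.

```php
<?php
// Added example, not the plugin's own code. Pure PHP (hash_hmac, hash_equals).

const EXAMPLE_MAX_SKEW = 300; // seconds a request stays acceptable

// Sign the timestamp plus a canonical serialisation of the payload, so both
// sides hash identical bytes and every field is covered by the signature.
function example_sign(array $payload, string $secret, int $ts): string {
    ksort($payload);
    $msg = $ts . "\n" . json_encode($payload, JSON_UNESCAPED_SLASHES);
    return hash_hmac('sha256', $msg, $secret);
}

// Verify: freshness first, then a constant-time compare of the expected MAC.
function example_verify(array $payload, string $secret, int $ts, string $sig, int $now): bool {
    if (abs($now - $ts) > EXAMPLE_MAX_SKEW) {
        return false; // stale or replayed request
    }
    return hash_equals(example_sign($payload, $secret, $ts), $sig);
}

// Key installation policy: the registration path may set a public key once.
// Changing an existing key is a separate, separately authenticated operation.
function example_install_public_key(array $config, string $newKey): array {
    if (!empty($config['example_public_key'])) {
        throw new RuntimeException('public key already set; rotate it through an authenticated admin action');
    }
    $config['example_public_key'] = $newKey;
    return $config;
}

// Constructed demo values (not a real secret, site or key).
$secret  = 'example-shared-secret';
$payload = ['site' => 'https://example.test', 'public_key' => 'EXAMPLE-KEY-1'];
$ts      = 1700000000;
$sig     = example_sign($payload, $secret, $ts);

$fresh    = example_verify($payload, $secret, $ts, $sig, $ts + 10);
$tampered = $payload;
$tampered['public_key'] = 'SOME-OTHER-KEY';
$altered  = example_verify($tampered, $secret, $ts, $sig, $ts + 10);
$stale    = example_verify($payload, $secret, $ts, $sig, $ts + 3600);

$config = example_install_public_key([], $payload['public_key']);
try {
    example_install_public_key($config, 'SOME-OTHER-KEY');
} catch (RuntimeException $e) {
    $refused = $e->getMessage();
}
```

The genuine request verifies; the payload with a swapped public_key and the hour-old replay both fail, and the second call to example_install_public_key is refused. The point the CVE makes is the converse: a signature that does not uniquely bind the secret, the payload and a freshness value lets a caller who can produce an acceptable value reach the key-setting branch.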
CVE-2023-3388 CVSS:7.2
Beautiful Cookie Consent Banner plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the nsc_bar_content_href parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-3387 CVSS:6.4
Lana Text to Image plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the lana_text_to_image and lana_text_to_img shortcodes. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-3320 CVSS:6.1
WP Sticky Social plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the ~/admin/views/admin.php script. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-26013 CVSS:5.9
Strong Testimonials Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the DIAE_dmdsetHandler.ashx. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-25963 CVSS:5.9
JS Job Manager Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-25974 CVSS:5.9
Simple Slug Translate plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-26515 CVSS:5.9
Simple Slug Translate plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-26527 CVSS:5.9
Debug Assistant Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-26537 CVSS:5.9
WP No External Links Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-26541 CVSS:5.9
asMember Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
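The cross-site scripting entries above (CVE-2023-3388 through CVE-2023-26541) share one root cause: a value from a request parameter, a shortcode attribute or an admin form is written into HTML without escaping for the context it lands in. The PHP below is an added example, not code from any of the listed plugins; it assumes WordPress is loaded (add_shortcode, shortcode_atts, esc_url, esc_attr, esc_html, the option and nonce functions are WordPress APIs) and uses a hypothetical shortcode and option name. It places the weak shortcode handler beside the hardened one and shows the same discipline on an admin settings screen.

```php
<?php
// Added example, not any plugin's own code. Assumes WordPress is loaded.
// Hypothetical shortcode [example_banner] and option 'example_banner_href'.

// Weak pattern: shortcode attributes are interpolated into markup unescaped.
// An editor-supplied href or label then runs as script for every viewer.
function example_banner_weak($atts) {
    $a = shortcode_atts(['href' => '', 'label' => 'Read more'], $atts);
    return '<a href="' . $a['href'] . '">' . $a['label'] . '</a>';
}

// Hardened pattern: escape each value for the context it is emitted into.
//  - esc_url()  for href values (rejects javascript: and other unsafe schemes)
//  - esc_attr() for anything inside an attribute value
//  - esc_html() for text nodes
function example_banner_hardened($atts) {
    $a = shortcode_atts(['href' => '', 'label' => 'Read more', 'class' => ''], $atts);
    return sprintf(
        '<a href="%s" class="%s">%s</a>',
        esc_url($a['href']),
        esc_attr($a['class']),
        esc_html($a['label'])
    );
}
add_shortcode('example_banner', 'example_banner_hardened');

// Admin settings screen: sanitise on input, escape on output, and gate the write
// with a capability check and a nonce. The submitted value is never echoed raw,
// even though it is redisplayed immediately in the same request.
function example_admin_view() {
    if (!current_user_can('manage_options')) {
        wp_die('forbidden');
    }
    $current = get_option('example_banner_href', '');
    if (isset($_POST['example_banner_href'])) {
        check_admin_referer('example_banner_save');               // nonce check
        $current = esc_url_raw(wp_unslash($_POST['example_banner_href'])); // sanitise for storage
        update_option('example_banner_href', $current);
    }
    printf(
        '<form method="post">%s<input name="example_banner_href" value="%s"><button>Save</button></form>',
        wp_nonce_field('example_banner_save', '_wpnonce', true, false),
        esc_attr($current)                                       // escape for the attribute context
    );
}
```

When auditing a plugin for these entries, look for echo/print/return statements that build HTML from $_GET, $_POST, $_REQUEST or shortcode attributes and confirm each interpolated value passes through the esc_* function matching its context; a value sanitised on save still needs escaping when it is rendered.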
Impact
- Data Manipulation
- Security Bypass
- Cross-site Scripting
Indicators Of Compromise
CVE
- CVE-2023-3197
- CVE-2023-3325
- CVE-2019-25152
- CVE-2023-3388
- CVE-2023-3387
- CVE-2023-3320
- CVE-2023-26013
- CVE-2023-25963
- CVE-2023-25974
- CVE-2023-26515
- CVE-2023-26527
- CVE-2023-26537
- CVE-2023-26541
Affected Vendors
WordPress
Affected Products
- MStore API Plugin for WordPress 4.0.1
- CMS Commander plugin for WordPress 2.287
- CMS Commander plugin for WordPress 2.286
- Beautiful Cookie Consent Banner plugin for WordPress 2.9.0
- Beautiful Cookie Consent Banner Plugin for WordPress 2.10.1
- Lana Text to Image plugin for WordPress 0.9.9
- Lana Text to Image plugin for WordPress 1.0.0
- WP Sticky Social plugin for WordPress 1.0.0
- Strong Testimonials Plugin for WordPress 3.0.2
- wp2syslog Plugin for WordPress 1.0.5
- Simple Slug Translate Plugin for WordPress 2.7.2
- WP No External Links Plugin for WordPress 1.0.2
- asMember Plugin for WordPress 1.5.4
Remediation
Upgrade to the latest version of WordPress Plugins, available from the WordPress Plugin Directory.