Rewterz Threat Advisory – Multiple Jenkins Orka by MacStadium Plugin Vulnerabilities
January 30, 2023Rewterz Threat Advisory – Multiple Jenkins TestQuality Updater Plugin Vulnerabilities
January 30, 2023Rewterz Threat Advisory – Multiple Jenkins Orka by MacStadium Plugin Vulnerabilities
January 30, 2023Rewterz Threat Advisory – Multiple Jenkins TestQuality Updater Plugin Vulnerabilities
January 30, 2023Severity
Medium
Analysis Summary
Some of the Common Vulnerabilities and Exposures (CVE) numbers assigned to security vulnerabilities found in WordPress plugins are listed below in the advisory. These vulnerabilities can be exploited by attackers to take control of affected websites, steal sensitive information, or perform other malicious actions. These CVE numbers refer to different vulnerabilities that affect different plugins or versions of plugins.
To mitigate the risk of these vulnerabilities, it is recommended to keep WordPress and all plugins up to date, to follow best practices for securing a WordPress website, and to regularly monitor the site for any signs of compromise.
If you are using any of the plugins listed in the CVE numbers, you should check the vendor’s website for information about the vulnerabilities and any available patches or updates. It is important to stay vigilant and take appropriate measures to secure your website and protect your sensitive information.
The CVE numbers include:
CVE-2022-4704 CVSS:5.4
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_import_templates_kit AJAX action. An attacker could exploit this vulnerability to import preset site configuration templates including images and settings.
CVE-2022-4702 CVSS:5.4
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_fix_royal_compatibility AJAX action. An attacker could exploit this vulnerability to deactivate every plugin on the site unless it is part of an extremely limited hardcoded selection.
CVE-2022-4710 CVSS:6.1
Royal Elementor Addons plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data_fetch function. A remote attacker could exploit this vulnerability using the wpr_ajax_search_link_target parameter in a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-4700 CVSS:5.4
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_activate_required_theme AJAX action. An attacker could exploit this vulnerability to activate the royal-elementor-kit theme.
CVE-2022-4705 CVSS:4.3
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_final_settings_setup AJAX action. An attacker could exploit this vulnerability to finalize activation of preset site configuration templates.
CVE-2022-4703 CVSS:4.3
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_reset_previous_import AJAX action. An attacker could exploit this vulnerability to reset previously imported data.
CVE-2022-4711 CVSS:4.3
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_save_mega_menu_settings AJAX action. An attacker could exploit this vulnerability to enable and modify Mega Menu settings for any menu item.
CVE-2022-4709 CVSS:4.3
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_import_library_template AJAX action. An attacker could exploit this vulnerability to enable and modify Mega Menu settings for any menu item.
CVE-2022-4701 CVSS:4.3
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_activate_required_plugins AJAX action. An attacker could exploit this vulnerability to activate the contact-form-7, media-library-assistant, or woocommerce plugins if they are installed on the site.
CVE-2022-4707 CVSS:4.3
Royal Elementor Addons plugin for WordPress is vulnerable to cross-site request forgery, caused by missing nonce validation in the wpr_create_mega_menu_template AJAX function. By persuading an authenticated administrator to visit a malicious Web site, a remote attacker could send a malformed HTTP request to create Mega Menu templates. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVE-2022-4708 CVSS:4.3
Royal Elementor Addons plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the wpr_save_template_conditions AJAX action. An attacker could exploit this vulnerability to enable and modify Mega Menu settings for any menu item.
CVE-2023-0162 CVSS:5.5
CPO Companion plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the content type settings parameters to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-0403 CVSS:5.4
Events Made Easy plugin for WordPress is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by multiple AJAX actions. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to delete post meta information and reset network access tokens, An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVE-2023-0402 CVSS:5.4
Events Made Easy plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by a missing capability check in several AJAX actions. An attacker could exploit this vulnerability to delete post meta information and reset network access tokens.
CVE-2023-0447 CVSS:4.3
My YouTube Channel plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by a missing capability check in the clear_all_cache function. An attacker could exploit this vulnerability to clear the cache.
CVE-2023-0446 CVSS:5.5
My YouTube Channel plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the settings parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
Impact
- Security Bypass
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2022-4704
- CVE-2022-4702
- CVE-2022-4710
- CVE-2022-4700
- CVE-2022-4705
- CVE-2022-4703
- CVE-2022-4711
- CVE-2022-4709
- CVE-2022-4701
- CVE-2022-4707
- CVE-2022-4708
- CVE-2023-0162
- CVE-2023-0403
- CVE-2023-0402
- CVE-2023-0447
- CVE-2023-0446
Affected Vendors
WordPress
Affected Products
- Royal Elementor Addons Plugin for WordPress 1.3.55
- Royal Elementor Addons Plugin for WordPress 1.3.59
- CPO Companion plugin for WordPress 1.0.3
- CPO Companion plugin for WordPress 1.0.4
- Social Warfare plugin for WordPress 4.3.0
- Social Warfare plugin for WordPress 4.3.1
- Social Warfare plugin for WordPress 4.2.9
- My YouTube Channel plugin for WordPress 3.0.12.0
- My YouTube Channel plugin for WordPress 3.0.12.1
Remediation
Upgrade to the latest version of plugins for WordPress, available from the WordPress Plugin Directory.