Researchers have disclosed a set of vulnerabilities in the Jupiter Theme and JupiterX Core plugins for WordPress. One of them is a critical privilege escalation flaw that allows attackers to take over affected websites.

The flaws in plugins

The vulnerability, tracked as CVE-2022-1654 with a CVSS score of 9.9 (critical), allows any authenticated user, including an attacker holding a low-privileged account, to gain administrative privileges through the affected plugins.
  • Exploiting the disclosed vulnerability lets an attacker perform any action on the site, such as altering its content, injecting malicious scripts, or deleting it entirely.
  • The attack has few prerequisites: an ordinary subscriber or a customer of the site is able to take advantage of this vulnerability.
  • The bug impacts several versions, including Jupiter Theme version 6.10.1 and older (fixed in 6.10.2), JupiterX Core Plugin version 2.0.7 and older (fixed in 2.0.8), and JupiterX Theme version 2.0.6 and older (fixed in 2.0.7).
  • During the investigation, a few additional vulnerabilities were discovered, such as CVE-2022-1656, CVE-2022-1657, CVE-2022-1658, and CVE-2022-1659, all of which require authentication to be exploited.
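A defender's first question is whether an installed Jupiter or JupiterX component is older than the fixed versions listed above. The following is an added example, not code from the article or from the plugin vendor: it parses the JSON that `wp theme list --format=json` and `wp plugin list --format=json` emit and flags components below the fixed version. The slugs (`jupiter`, `jupiterx`, `jupiterx-core`) are assumptions, and the wp-cli output shown is constructed sample data.

```python
import json

# Fixed versions as stated in the advisory text; anything older is affected.
# The slugs used as keys are assumptions about the wp-cli "name" field.
FIXED_VERSIONS = {
    "theme": {"jupiter": "6.10.2", "jupiterx": "2.0.7"},
    "plugin": {"jupiterx-core": "2.0.8"},
}


def parse_version(v):
    """Turn '6.10.1' into (6, 10, 1); non-numeric suffixes are ignored."""
    parts = []
    for piece in v.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_vulnerable(kind, slug, version):
    """True when a tracked theme/plugin is older than its fixed release."""
    fixed = FIXED_VERSIONS.get(kind, {}).get(slug)
    if fixed is None:
        return False
    return parse_version(version) < parse_version(fixed)


def audit(theme_json, plugin_json):
    """Return (kind, slug, installed, fixed) for every affected component.
    Inactive themes are reported too, since their code stays on disk."""
    findings = []
    for kind, raw in (("theme", theme_json), ("plugin", plugin_json)):
        for item in json.loads(raw):
            slug, ver = item["name"], item["version"]
            if is_vulnerable(kind, slug, ver):
                findings.append((kind, slug, ver, FIXED_VERSIONS[kind][slug]))
    return findings


# Constructed sample output in the shape of `wp theme list --format=json`
# and `wp plugin list --format=json`.
SAMPLE_THEMES = json.dumps([
    {"name": "jupiterx", "status": "active", "update": "available", "version": "2.0.6"},
    {"name": "twentytwentytwo", "status": "inactive", "update": "none", "version": "1.2"},
])
SAMPLE_PLUGINS = json.dumps([
    {"name": "jupiterx-core", "status": "active", "update": "none", "version": "2.0.8"},
    {"name": "akismet", "status": "active", "update": "none", "version": "4.2.3"},
])

if __name__ == "__main__":
    for kind, slug, ver, fixed in audit(SAMPLE_THEMES, SAMPLE_PLUGINS):
        print(f"{kind} {slug} {ver} is affected; update to {fixed} or later")
```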

Recent attacks

In the past, multiple cyberattacks have been observed abusing various flaws in WordPress plugins.
  • A few days ago, the Sysrv-K botnet was found exploiting bugs in Spring Framework and WordPress plugins. The botnet infected Windows and Linux-based systems.
  • Recently, tens of thousands of WordPress websites were found to be at risk of compromise due to an ongoing attack targeting a remote code execution vulnerability in the Tatsu Builder plugin.

Conclusion

Multiple critical vulnerabilities have been discovered in WordPress plugins recently, and some are already being exploited. Further, one of these new vulnerabilities is critical, allowing any logged-in user to obtain administrator privileges. Site owners are therefore advised to keep their WordPress installations, themes, and plugins up to date with the latest security patches.
Cyware Publisher