
WordPress Download Manager plugin patches security flaw

The plugin was vulnerable to a remote code execution flaw that would have allowed attackers to upload and run malicious files

July 31, 2021 / 01:18 PM IST
The remote code execution vulnerability has now been fixed

A security flaw in a popular WordPress plugin called WordPress Download Manager has now been fixed. The flaw allowed attackers to upload and run malicious files on websites that ran the plugin.

According to the security researchers at Wordfence, the plugin is installed on more than 100,000 WordPress websites and was found to be vulnerable to two severe flaws. The first was a file upload vulnerability that would have let threat actors remotely execute malicious code; the second allowed a double extension attack, in which a file with multiple extensions could be used to execute code.

As explained by Wordfence, "a user with author-level permissions could also upload a file with an image extension containing malicious JavaScript and set the contents of file[page_template] to the path of the uploaded file."

This would have allowed the attacker to take control of the site, either by obtaining credentials or by executing code in the administrator's browser session.

The second vulnerability allowed authors and other users to perform a double extension attack. For instance, "it was possible to upload a file titled info.php.png. This file would be executable on certain Apache/mod_php configurations that use an AddHandler or AddType directive."

Both of the vulnerabilities have been fixed by the plugin's developer.
Moneycontrol News