Top WordPress anti-spam plugin may actually be putting your site at risk of attack
Date:
Wed, 27 Nov 2024 13:57:50 +0000
Description:
Spam protection, Anti-Spam, and FireWall WordPress plugin carrying two critical flaws which put hundreds of thousands of sites at risk.
FULL STORY ======================================================================
- Researchers found two flaws in a popular WordPress plugin
- Flaws allow threat actors to install malicious plugins and run arbitrary code
- A patch is already available, so WordPress users should update now
A major anti-spam plugin for top website builder WordPress carried a pair of critical severity vulnerabilities which allowed threat actors to install plugins at will, and even execute arbitrary code, remotely.
The bugs have since been patched, and users are advised to apply the fixes as soon as possible.
The vulnerable plugin is called Spam protection, Anti-Spam, and Firewall, and was built by CleanTalk, a company developing spam protection for WordPress, Joomla, Drupal, and other website builders.

Popular plugin

The plugin carried two flaws: one tracked as CVE-2024-10542, and one tracked as CVE-2024-10781. The first has a severity score of 9.8 (critical), the second 8.1 (high).
The former is an unauthenticated Arbitrary Plugin Installation bug, caused by an authorization bypass via reverse DNS spoofing on the checkWithoutToken function: the function decides whether a request is trusted from the reverse DNS name of the caller's IP address, which an attacker who controls the reverse zone for their own address can set to whatever they like. As a result, unauthenticated attackers can install and activate arbitrary plugins which, in some scenarios, can be leveraged to achieve remote code execution.
The latter is also an unauthenticated Arbitrary Plugin Installation bug, caused by a missing empty value check on the 'api_key' value in the 'perform' function, so a site on which no API key has been configured does not reject the request. The result is the same: remote code execution in certain scenarios (when another vulnerable plugin is installed and activated).
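The two weak authorization patterns described above, modelled side by side with hardened versions. This is an added, constructed example and is not CleanTalk's plugin source: the function names mirror the advisory's wording, but the PTR and forward-record tables, the IP addresses, the token derivation and the vendor host names are all assumptions chosen so the example runs offline (real code would use socket.gethostbyaddr() and socket.gethostbyname()).

```python
"""Illustrative model of the two authorization anti-patterns named in the
advisory: trusting reverse DNS for "is this the vendor calling?" and deriving
a request token from a possibly empty API key. Constructed example code, not
CleanTalk's plugin source; names and data are assumptions."""
import hashlib
import hmac

# Constructed stand-in for DNS so the example runs offline. Real code would
# call socket.gethostbyaddr() for the PTR and socket.gethostbyname() for the
# forward lookup. The attacker owns 198.51.100.0/24 and can set any PTR text.
PTR = {
    "203.0.113.10": "api.cleantalk.org",                # vendor host (assumed)
    "198.51.100.7": "cleantalk.org.attacker.example",   # substring-match bait
    "198.51.100.8": "evil.cleantalk.org",               # suffix-match bait
}
# Forward (A) records. The attacker cannot add names to the vendor's zone,
# so "evil.cleantalk.org" has no forward record at all.
FORWARD = {
    "api.cleantalk.org": "203.0.113.10",
    "cleantalk.org.attacker.example": "198.51.100.7",
}

VENDOR_DOMAIN = "cleantalk.org"


def weak_check_without_token(remote_addr: str) -> bool:
    """Anti-pattern: authorizes on the PTR name alone with a substring test.
    Anyone who controls the reverse zone for their own address passes."""
    host = PTR.get(remote_addr, "")
    return VENDOR_DOMAIN in host


def strong_check_without_token(remote_addr: str) -> bool:
    """Forward-confirmed reverse DNS: the PTR name must be inside the vendor's
    domain AND must resolve back to the connecting address."""
    host = PTR.get(remote_addr, "")
    if host != VENDOR_DOMAIN and not host.endswith("." + VENDOR_DOMAIN):
        return False
    return FORWARD.get(host) == remote_addr


def weak_perform(request_token: str, api_key: str) -> bool:
    """Anti-pattern: derives the expected token from api_key with no check
    that a key is configured. With api_key == "" the expected value is the
    public constant md5(""), so any caller can forge it."""
    expected = hashlib.md5(api_key.encode()).hexdigest()
    return request_token == expected


def make_token(api_key: str) -> str:
    """Token derivation used by strong_perform (keyed MAC, not a bare hash)."""
    return hmac.new(api_key.encode(), b"perform", hashlib.sha256).hexdigest()


def strong_perform(request_token: str, api_key: str) -> bool:
    """Refuses outright when no key is configured, then compares in
    constant time so the check does not leak the expected value."""
    if not api_key:
        return False
    return hmac.compare_digest(request_token, make_token(api_key))


if __name__ == "__main__":
    for ip in PTR:
        print(ip, "weak:", weak_check_without_token(ip),
              "strong:", strong_check_without_token(ip))
    empty_md5 = hashlib.md5(b"").hexdigest()
    print("empty key, weak:", weak_perform(empty_md5, ""),
          "strong:", strong_perform(empty_md5, ""))
```

Forward confirmation only raises the bar: a DNS-based trust decision is still a trust decision about DNS. For a vendor callback of this kind, an allowlist of the vendor's published source addresses or a per-site secret that must be present and non-empty is the more robust design, and the empty-key case should fail closed regardless.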
Spam protection, Anti-Spam, and Firewall is a major WordPress plugin, installed on more than 200,000 websites at press time. The bugs were first spotted by a researcher with the alias mikemyers, who reported their findings to Wordfence, a project that researches WordPress vulnerabilities.
Wordfence reached out to CleanTalk in late October 2024 and, a few days later, the vendor came forward with a patch. "We would like to commend the CleanTalk team for their prompt response and timely patch," Wordfence said.
Users are urged to update their sites to the latest patched version, which was 6.45.2 at press time.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/top-wordpress-anti-spam-plugin-may-actually-be-putting-your-site-at-risk-of-attack
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)