WordPress website builder vulnerability affects nearly 1 million websites

SeedProd has fixed a major vulnerability in the Website Builder that has over 900,000 installations. This vulnerability, present in versions up to and including 6.15.21, poses a risk of unauthorized data modification on WordPress sites.

Vulnerability Details: Missing capability check

The discovered vulnerability is called a missing capability check inside the “seedprod_lite_new_lpage” function.

Capabilities are specific actions that users or roles are allowed to perform. A capability check is an important security feature in WordPress for managing permissions and access control: it determines whether the current user has the authority to perform a specific action before the action is carried out.

It is similar to a role check, but the two differ in scope: a role check looks at the user’s role (administrator, editor, and so on), while a capability check asks whether the user holds a specific permission. A capability check therefore provides more granular control over permissions than a role check.

The missing capability check allows unauthenticated attackers to potentially modify the content of the various pages created with the plugin, such as coming soon or maintenance pages. The absence of this check exposes affected websites to data manipulation.

Unauthorized data modification

Unauthorized modification of data is a serious security issue. It arises when a missing or broken authorization check lets people who should not have access alter data, which in turn opens the door to further exploitation. It is highly recommended that users of the Website Builder plugin address this vulnerability promptly.

Severity and impact: high risk exposure

The vulnerability is rated 8.2 on a scale of 1 to 10, with a severity rating classified as “High” under the Common Vulnerability Scoring System (CVSS). The high rating indicates the severity of the potential impact.

This vulnerability is so new that there is currently no entry in the National Vulnerability Database for the assigned CVE number CVE-2024-1072.

However, the Wordfence WordPress security researchers emphasized the seriousness of the SeedProd Website Builder vulnerability:

“This makes it possible for unauthenticated attackers to change the upcoming content, maintenance pages, login, and 404 pages configured with the plugin.”

Recommendation for website builder plugin users

The publisher of SeedProd’s Website Builder has responded by releasing an updated version, 6.15.22, that fixes this vulnerability. The update adds a nonce check to mitigate the risk, and plugin users are encouraged to update immediately to protect their websites from attack.

Regarding the nonce, WordPress explains what it is:

“A nonce is a ‘number used once’ to help protect URLs and forms from certain types of misuse, malicious or otherwise.

… They help protect against various types of attacks…”
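To make the capability check and the nonce check described above concrete, here is an added illustration of a hypothetical plugin AJAX handler that saves a landing page, shown first without those checks and then with them. This is example code written for this article, not SeedProd’s code; the function names, hook names and option key are assumptions.

```php
<?php
// Added illustration, not SeedProd's code. Hypothetical handler names,
// hook names and the option key are assumptions for the example.

// BEFORE: the handler trusts anyone who can reach admin-ajax.php.
// Registering it on the "nopriv" hook makes it reachable without logging
// in, and nothing verifies the caller's permission or a nonce, so any
// visitor can overwrite the stored page content.
function example_save_landing_page_unchecked() {
    $page_id = isset( $_POST['page_id'] ) ? absint( $_POST['page_id'] ) : 0;
    $content = isset( $_POST['content'] )
        ? wp_kses_post( wp_unslash( $_POST['content'] ) ) : '';
    update_option( 'example_landing_page_' . $page_id, $content );
    wp_send_json_success();
}
add_action( 'wp_ajax_example_save_page_v1', 'example_save_landing_page_unchecked' );
add_action( 'wp_ajax_nopriv_example_save_page_v1', 'example_save_landing_page_unchecked' );

// AFTER: only logged-in users reach the hook (no "nopriv" registration),
// a nonce ties the request to a form the plugin itself rendered, and a
// capability check confirms the user holds the specific permission needed.
function example_save_landing_page_checked() {
    // Nonce check: rejects requests that did not originate from the
    // plugin's own UI (dies with a 403 response on failure).
    check_ajax_referer( 'example_save_page', 'nonce' );

    // Capability check: a role check ("is this an administrator?") would be
    // coarser; this asks for the exact permission needed to change content
    // shown to other visitors.
    if ( ! current_user_can( 'edit_others_pages' ) ) {
        wp_send_json_error( 'insufficient permissions', 403 );
    }

    $page_id = isset( $_POST['page_id'] ) ? absint( $_POST['page_id'] ) : 0;
    $content = isset( $_POST['content'] )
        ? wp_kses_post( wp_unslash( $_POST['content'] ) ) : '';
    update_option( 'example_landing_page_' . $page_id, $content );
    wp_send_json_success();
}
add_action( 'wp_ajax_example_save_page', 'example_save_landing_page_checked' );

// Where the editor form is rendered, issue the matching nonce so that the
// hardened handler's check_ajax_referer() call can succeed for legitimate
// users (the field is named "nonce" to match the second argument above).
function example_render_editor_nonce() {
    wp_nonce_field( 'example_save_page', 'nonce' );
}
```

Note that the nonce alone is not an authorization mechanism: it only proves the request came from a form the plugin issued, so the capability check is still required to decide whether that user may edit the page.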

Read the Wordfence announcement:

SeedProd Website Builder – Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.15.21 - Missing authorization via seedprod_lite_new_lpag

Read the official SeedProd changelog

Featured image by Shutterstock/Nikulina Tatiana


About the Author: Ted Simmons

I follow and report the current news trends on Google news.
