The National Vulnerability Database announced that a popular Google Analytics WordPress plugin, installed on more than 3 million websites, was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability.
Stored XSS
A Cross-Site Scripting (XSS) attack generally occurs when a part of a website that accepts user input is insecure and allows unintended input, such as scripts or links, to pass through unfiltered.
An XSS vulnerability can be exploited to gain unauthorized access to a website and can lead to the theft of user data or a complete site takeover.
The non-profit Open Worldwide Application Security Project (OWASP) describes how an XSS vulnerability works:
“An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way of knowing that the script is not to be trusted and will execute the script.
Because it believes the script is from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information held by the browser and used with that site.”
A stored XSS, which is possibly worse, is one where the malicious script is stored on the website’s own servers and served to every visitor of the affected page.
The plugin, MonsterInsights – Google Analytics Dashboard for WordPress, was found to have the stored XSS version of the vulnerability.
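To make the stored variant concrete, here is an added illustration in PHP of a WordPress-style plugin setting that is persisted verbatim and then either echoed raw or escaped for its output context. This is not MonsterInsights’ code (the article does not describe the affected field); the option name, the in-memory options array and the payload are constructed for the example.

```php
<?php
// Added illustration (not MonsterInsights' code): how a stored XSS arises in a
// WordPress-style settings flow and how output escaping neutralises it.
// The "tracking_label" option and the payload below are constructed examples.

// Stand-in for the wp_options table; in WordPress this would be
// get_option()/update_option().
$options = [];

function save_setting(array &$options, string $value): void {
    // Stored exactly as submitted: nothing here stops markup from being persisted.
    // WordPress plugins normally pass input through sanitize_text_field() first.
    $options['tracking_label'] = $value;
}

// Vulnerable: the stored value is concatenated straight into the page, so any
// <script> tag or event handler inside it runs in every visitor's browser.
function render_vulnerable(array $options): string {
    return '<p class="label">' . $options['tracking_label'] . '</p>';
}

// Hardened: the value is escaped for the exact context it lands in, both the
// attribute and the text node. In WordPress the equivalents are esc_attr()
// and esc_html().
function render_hardened(array $options): string {
    $label = $options['tracking_label'];
    $attr  = htmlspecialchars($label, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $text  = htmlspecialchars($label, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<p class="label" title="' . $attr . '">' . $text . '</p>';
}

// Constructed attacker input of the kind the advisory describes (a redirect).
$payload = '<script>document.location="https://attacker.example/"</script>';
save_setting($options, $payload);

echo "Vulnerable output (script executes):\n", render_vulnerable($options), "\n\n";
echo "Hardened output (browser shows it as text):\n", render_hardened($options), "\n";
```

The hardened output contains `&lt;script&gt;...&lt;/script&gt;`, which the browser renders as literal text; the same stored value is harmless once escaping matches the output context.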
MonsterInsights – Google Analytics Dashboard for WordPress Vulnerability
The Google Analytics MonsterInsights plugin is installed on more than three million websites, making this vulnerability even more concerning.
WordPress security company Patchstack, which discovered the vulnerability, published details:
“Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Google Analytics by MonsterInsights Plugin.
This could allow a malicious actor to inject malicious scripts such as redirects, ads, and other HTML payloads into your website, which will be executed when guests visit your site.
This vulnerability has been fixed in version 8.14.1.”
The MonsterInsights plugin changelog in the WordPress plugin repository offered a somewhat vague explanation of the security patch:
“Fixed: Fixed a PHP warning bug and added additional security reinforcement.”
“Security hardening” is a term that can be applied to many tasks that reduce attack vectors, such as removing the WordPress version number from a site.
WordPress has published a full page on tightening security which recommends security-enhancing tasks such as regular database backups, obtaining themes and plugins from trusted sources, and using strong passwords.
All of these activities tighten security.
That is the problem with describing something as specific (and important) as patching an XSS vulnerability with a general, generic phrase like “security hardening”: it could lead a user to skip updating their plugin.
Recommended action
Patchstack recommends that all users of the MonsterInsights Analytics plugin immediately update their WordPress plugin to the latest version or at least version 8.14.1.
Read the US National Vulnerability Database announcement:
Read Patchstack’s announcement: