Category : exploits

The changelog for easy-wp-smtp states that version 1.3.9.1 of the plugin (SVN changeset 2052058) “fixed potential vulnerability in import\export settings.” This was released on 17th March 2019. It appears that an unauthenticated user can import arbitrary wp_options by providing a PHP serialized array in $_POST['swpsmtp_import_settings']. This can be used to permit new user registrations ..


Description

Blind time-based SQL injection, combined with a lack of permission check, resulted in an unauthorised attack which can be performed by any user on the site (including subscriber profiles).

1. Lack of permission check in settings import

Similar to our recent analysis, this vulnerability was also caused by a lack of permission check on plugin settings ..
