More than 200K WordPress websites are vulnerable to attacks because of a high-severity cross-site request forgery (CSRF) bug in the Code Snippets plugin.
The plugin lets users run custom code without adding snippets to their theme's functions.php file.
Code Snippets also provides a graphical interface, similar to the Plugins menu, for managing snippets. Snippets can be activated and deactivated, just like plugins.
This CSRF vulnerability can be exploited by attackers to forge a request on behalf of an administrator and then inject code into a vulnerable website, potentially allowing remote execution of arbitrary code on WordPress sites running a vulnerable Code Snippets installation.
“The flaw allowed anyone to forge a request on behalf of an administrator and inject executable code on a vulnerable website,” reads the advisory published by Wordfence. “We privately disclosed the full details to the plugin's developer on January 24th, who was quick to respond and published a patch one day later.”
The Code Snippets plugin currently has over 200,000 active installations; on January 25 the development team released version 2.14.0.
Wordfence researchers explained that the developers had protected almost all of the plugin's endpoints with WordPress “nonces,” except for the plugin's export function, which lacked that CSRF protection. An attacker could craft a malicious request to trick an administrator into sabotaging their own website, for example by creating new administrative accounts, exfiltrating sensitive information, or infecting site visitors.
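To show what the missing nonce check looks like in practice, here is a constructed WordPress admin action handler in its unprotected and protected forms. This is an added example, not the Code Snippets plugin's own code; the action name, nonce action string and helper function names are assumptions.

```php
<?php
// Constructed illustration (not the Code Snippets plugin's code): two versions
// of a hypothetical admin-side export handler. Names are assumptions.

// BEFORE: no nonce and no capability check. Any request that arrives with an
// authenticated admin's cookies, including one a third-party page caused the
// browser to send, is processed as if the admin had intended it.
function cs_example_export_unprotected() {
    if ( empty( $_REQUEST['snippets'] ) ) {
        return;
    }
    cs_example_do_export( array_map( 'intval', (array) $_REQUEST['snippets'] ) );
}

// AFTER: require the capability the operation needs, then require a nonce
// bound to this specific action and to the current user's session.
function cs_example_export_protected() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    // check_admin_referer() verifies $_REQUEST['_wpnonce'] against the action
    // name and stops with a "link expired" page if it is missing or invalid.
    check_admin_referer( 'cs_example_export_snippets' );
    if ( empty( $_REQUEST['snippets'] ) ) {
        return;
    }
    cs_example_do_export( array_map( 'intval', (array) $_REQUEST['snippets'] ) );
}
add_action( 'admin_post_cs_example_export', 'cs_example_export_protected' );

// The matching nonce is emitted only where the legitimate form is rendered,
// so a page served by another origin cannot know the value to include.
function cs_example_render_export_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="cs_example_export">';
    wp_nonce_field( 'cs_example_export_snippets' );
    echo '<input type="hidden" name="snippets[]" value="1">';
    submit_button( 'Export' );
    echo '</form>';
}

function cs_example_do_export( array $ids ) {
    // Placeholder for the real export routine (assumption).
}
```

A nonce alone does not authorize the action, which is why the capability check stays in front of it.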
“This request would perform an action, send a request to the website, and the attacker's malicious code could be injected and executed on the website,” continues the advisory. “An attacker could create a new administrative account on the website, exfiltrate sensitive information, infect site users, and much more.”
Researchers published a proof-of-concept (PoC) on February 12, so it is crucial to update the plugin.
At the time of writing, over 50K users have downloaded and installed the latest version of the plugin, but another 150K are still vulnerable to attacks.