The attacker is allowed to perform any operation on the site

Posted on 2024-12-30 14:20:39
This is a very recent problem; the first attacks were recorded at the beginning of November 2018.

The WP-GDPR-Compliance plugin interacts with the WordPress core through admin-ajax.php to perform its functions. On the affected versions, a problem was found related to the plugin settings update operations.

A programming error allows an attacker to inject and execute commands in the WordPress database.

Vulnerability Exploitation
The attack is performed in two phases: inserting the value/string into the database and executing it through a do_action() call to potentially perform any action. The vulnerability falls into the privilege escalation category and is extremely insidious.

The attacker exploits the flaw to create a user with administrator permissions on the system. After the user is created, the URL /wp-login.php?action=register is called in order to gain administrative access to the WordPress installation. Technically, at this point, the attacker is allowed to perform any operation on the site, such as uploading tampered files, themes and plugins or performing mass injections on the original WordPress files and ensuring control through remote shells.
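A log-triage heuristic for the two-step pattern the post describes, as an added example that is not part of the original post: it flags clients that POST to admin-ajax.php and then request /wp-login.php?action=register shortly afterwards. The combined access-log format, the 10-minute window, the function name `find_suspects` and the sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in combined access-log format (not real traffic;
# the addresses come from the reserved documentation ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [09/Nov/2018:10:00:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 12 "-" "curl/7.58"
198.51.100.7 - - [09/Nov/2018:10:00:04 +0000] "GET /wp-login.php?action=register HTTP/1.1" 200 2950 "-" "curl/7.58"
198.51.100.7 - - [09/Nov/2018:10:00:06 +0000] "POST /wp-login.php?action=register HTTP/1.1" 302 0 "-" "curl/7.58"
192.0.2.10 - - [09/Nov/2018:10:05:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 48 "-" "Mozilla/5.0"
192.0.2.33 - - [09/Nov/2018:11:00:00 +0000] "GET /wp-login.php?action=register HTTP/1.1" 200 2950 "-" "Mozilla/5.0"
"""

# client IP, timestamp, method, request URI, status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def find_suspects(log_text, window=timedelta(minutes=10)):
    """Return (ip, ajax_time, register_time) tuples for clients that POSTed to
    admin-ajax.php and then requested the registration URL within `window`."""
    last_ajax_post = {}  # ip -> time of the most recent admin-ajax.php POST
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ip, ts, method, uri, _status = m.groups()
        when = datetime.strptime(ts, TIME_FMT)
        path, _, query = uri.partition("?")
        if method == "POST" and path.endswith("/wp-admin/admin-ajax.php"):
            last_ajax_post[ip] = when
        elif path.endswith("/wp-login.php") and "action=register" in query.split("&"):
            seen = last_ajax_post.get(ip)
            if seen is not None and timedelta(0) <= when - seen <= window:
                hits.append((ip, seen, when))
    return hits


if __name__ == "__main__":
    for ip, ajax_at, reg_at in find_suspects(SAMPLE_LOG):
        print(f"{ip}: admin-ajax.php POST at {ajax_at}, registration request at {reg_at}")
```

Access logs do not record POST bodies and admin-ajax.php receives plenty of legitimate traffic, so a hit is a lead to check against the site's user list and settings, not proof of compromise.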
