Kaspersky ID: KLA10491
Detect Date: 03/17/2015
Updated: 09/26/2023

Description

Multiple serious vulnerabilities have been found in WordPress plugins and themes. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code, bypass security and read local files.

Below is a complete list of vulnerabilities:

  1. Multiple XSS vulnerabilities were found in the Spider Facebook, Contact Form DB, WooCommerce, WP Media Cleaner, Ninja Forms, WonderPlugin Audio Player, WPML and Google Doc Embedder plugins. By exploiting these vulnerabilities malicious users can inject arbitrary script. These vulnerabilities can be exploited remotely via unknown vectors related to the admin panel;

  2. Multiple CSRF vulnerabilities were found in the Mobile Domain, Image Metadata Cruncher, Acobot Live Chat & Contact Form, CrossSlide jQuery, Easy Social Icons and Redirection page plugins. By exploiting these vulnerabilities malicious users can hijack administrators' authentication. These vulnerabilities can be exploited remotely via unknown vectors related to the admin panel;

  3. A directory traversal vulnerability was found in the Elegant Themes Divi theme. By exploiting this vulnerability malicious users can read local files. This vulnerability can be exploited remotely via a specially designed img parameter;

  4. SQL injection vulnerabilities were found in the Apptha WordPress Video Gallery, WonderPlugin Audio Player, Spider Event Calendar, WPML and WordPress Survey and Poll plugins and in the Photocrati theme. By exploiting these vulnerabilities malicious users can execute arbitrary SQL commands. These vulnerabilities can be exploited remotely via vectors related to the admin panel;

  5. An unrestricted file upload vulnerability was found in the Fusion theme. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via unspecified vectors;

  6. Improper request handling and another unknown vulnerability were found in the WPML plugin. By exploiting these vulnerabilities malicious users can bypass security restrictions. These vulnerabilities can be exploited remotely via a specially designed request.

Exploitation

Public exploits exist for this vulnerability.

CVE list

  • CVE-2015-2218 (warning)
  • CVE-2015-2220 (warning)
  • CVE-2015-2199 (high)
  • CVE-2015-2196 (critical)
  • CVE-2015-2195 (warning)
  • CVE-2015-2194 (high)
  • CVE-2015-2314 (critical)
  • CVE-2015-2315 (warning)
  • CVE-2015-2069 (warning)
  • CVE-2015-1579 (critical)
  • CVE-2015-1580 (high)
  • CVE-2015-2039 (high)
  • CVE-2015-2040 (warning)
  • CVE-2015-2216 (critical)
  • CVE-2015-2089 (high)
  • CVE-2015-2090 (critical)
  • CVE-2015-2084 (high)
  • CVE-2015-1582 (warning)
  • CVE-2015-1581 (high)
  • CVE-2015-1614 (high)
  • CVE-2015-2791 (high)
  • CVE-2015-2065 (critical)
  • CVE-2015-2792 (critical)
  • CVE-2015-1879 (warning)
