{"id":161837,"date":"2024-06-24T09:45:50","date_gmt":"2024-06-24T08:45:50","guid":{"rendered":"https:\/\/getshieldsecurity.com\/?p=161837"},"modified":"2024-06-24T09:45:51","modified_gmt":"2024-06-24T08:45:51","slug":"shieldnotes-ep19","status":"publish","type":"post","link":"https:\/\/getshieldsecurity.com\/blog\/shieldnotes-ep19\/","title":{"rendered":"ShieldNOTES Ep#19: Recurring Vulnerability + Severely Critical + Monitor WP Activity"},"content":{"rendered":"\n<p>This week, 1 plugin stands out due to its recurring vulnerability, alongside plugins with high severity issues that may need attention.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">#1 &#8211; Vulnerable: Email Subscribers &amp; Newsletters Plugin<\/h2>\n\n\n\n<p>A recurring SQL Injection vulnerability.<\/p>\n\n\n\n<p><strong>How will I know I&#8217;m ok?<\/strong><br>Upgrade ASAP to v5.7.24+<\/p>\n\n\n\n<p><strong>What&#8217;s the risk?<\/strong><br>Severity risk <strong>9.3<\/strong>\/10 &#8211; SQL Injection &#8211; an attacker can interact with your WP database directly!<\/p>\n\n\n\n<p><strong>Editor Comment<\/strong><br>Please use <a href=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" data-type=\"link\" data-id=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" target=\"_blank\" rel=\"noreferrer noopener\">ShieldPRO&#8217;s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n<p><a href=\"https:\/\/patchstack.com\/database\/vulnerability\/email-subscribers\/wordpress-icegram-express-plugin-5-7-23-unauthenticated-sql-injection-vulnerability\" data-type=\"link\" data-id=\"https:\/\/patchstack.com\/database\/vulnerability\/email-subscribers\/wordpress-icegram-express-plugin-5-7-23-unauthenticated-sql-injection-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">More Info \u2192<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">#2 &#8211; Vulnerable: Shariff Plugin<\/h2>\n\n\n\n<p>Potentially 50.000 WP sites with a high risk of local file inclusion.<\/p>\n\n\n\n<p><strong>How will I know I&#8217;m okay?<\/strong><br>Upgrade ASAP to v4.6.14+<\/p>\n\n\n\n<p><strong>What&#8217;s the risk?<\/strong><br>Severity risk <strong>9.8<\/strong>\/10 &#8211; a malicious actor may include local files of the target website and show output on the screen!<\/p>\n\n\n\n<p><strong>Editor Comment<\/strong><br>Please use <a href=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" data-type=\"link\" data-id=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" target=\"_blank\" rel=\"noreferrer noopener\">ShieldPRO&#8217;s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n<p><a href=\"https:\/\/patchstack.com\/database\/vulnerability\/shariff-sharing\/wordpress-shariff-wrapper-plugin-4-6-13-unauthenticated-local-file-inclusion-vulnerability\" data-type=\"link\" data-id=\"https:\/\/patchstack.com\/database\/vulnerability\/shariff-sharing\/wordpress-shariff-wrapper-plugin-4-6-13-unauthenticated-local-file-inclusion-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">More Info \u2192<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">#3 &#8211; Vulnerable: Themify \u2013 WooCommerce Product Filter Plugin<\/h2>\n\n\n\n<p>SQL injection vulnerability on up to 30.000 sites.<\/p>\n\n\n\n<p><strong>How will I know I&#8217;m okay?<\/strong><br>Upgrade ASAP to v1.5.0+<\/p>\n\n\n\n<p><strong>What&#8217;s the risk?<\/strong><br>Severity risk <strong>9.3<\/strong>\/10 &#8211; SQL Injection &#8211; an attacker can directly interact with your WP database!<\/p>\n\n\n\n<p><strong>Editor Comment<\/strong><br>Please use <a href=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" data-type=\"link\" data-id=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" target=\"_blank\" rel=\"noreferrer noopener\">ShieldPRO&#8217;s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n<p><a href=\"https:\/\/patchstack.com\/database\/vulnerability\/themify-wc-product-filter\/wordpress-themify-woocommerce-product-filter-plugin-1-4-9-unauthenticated-sql-injection-via-conditions-parameter-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">More Info \u2192<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">#4 &#8211; Vulnerable: Salon Booking System Plugin<\/h2>\n\n\n\n<p>A less widely used plugin poses an extremely high security risk.<\/p>\n\n\n\n<p><strong>How will I know I&#8217;m okay?<\/strong><br>Upgrade ASAP to v10.3+<\/p>\n\n\n\n<p><strong>What&#8217;s the risk?<\/strong><br>Severity risk <strong>10<\/strong>\/10 &#8211; Arbitrary File Upload &#8211; an attacker can upload any type of file to your site, including backdoors that could gain further access.<\/p>\n\n\n\n<p><strong>Editor Comment<\/strong><br>Please use <a href=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" data-type=\"link\" data-id=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" target=\"_blank\" rel=\"noreferrer noopener\">ShieldPRO&#8217;s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n<p><a href=\"https:\/\/patchstack.com\/database\/vulnerability\/salon-booking-system\/wordpress-salon-booking-system-plugin-10-2-unauthenticated-arbitrary-file-upload-vulnerability\" data-type=\"link\" data-id=\"https:\/\/patchstack.com\/database\/vulnerability\/salon-booking-system\/wordpress-salon-booking-system-plugin-10-2-unauthenticated-arbitrary-file-upload-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">More Info \u2192<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">#5 &#8211; Vulnerable: Custom Field Suite Plugin<\/h2>\n\n\n\n<p>PHP Object Injection vulnerability with no official fix.<\/p>\n\n\n\n<p><strong>How will I know I&#8217;m okay?<\/strong><br>No fix available yet; please watch for updates.<\/p>\n\n\n\n<p><strong>What&#8217;s the risk?<\/strong><br>Severity risk <strong>8.8<\/strong>\/10 &#8211; an attacker can inject and execute malicious objects within a PHP application.<\/p>\n\n\n\n<p><strong>Editor Comment<\/strong><br>Please use <a href=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" data-type=\"link\" data-id=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-plugin-vulnerability-scanner\/\" target=\"_blank\" rel=\"noreferrer noopener\">ShieldPRO&#8217;s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n<p><a href=\"https:\/\/patchstack.com\/database\/vulnerability\/custom-field-suite\/wordpress-custom-field-suite-plugin-2-6-7-authenticated-php-code-injection-vulnerability\" data-type=\"link\" data-id=\"https:\/\/patchstack.com\/database\/vulnerability\/custom-field-suite\/wordpress-custom-field-suite-plugin-2-6-7-authenticated-php-code-injection-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">More Info \u2192<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">#6 &#8211; From our blog: Track All Activity<\/h2>\n\n\n\n<p>Knowing what users and visitors are actually doing on your site is critical to monitoring your WP security.<\/p>\n\n\n\n<p><a href=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-track-user-activity\/\" data-type=\"link\" data-id=\"https:\/\/getshieldsecurity.com\/blog\/wordpress-track-user-activity\/\" target=\"_blank\" rel=\"noreferrer noopener\">More Info \u2192<\/a><\/p>\n\n\n\n<p>Thanks for reading, and have a great week!<\/p>\n\n\n\n<p><strong>Paul Goodchild<\/strong><br><em>Shield Security for WordPress<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This week, 1 plugin stands out due to its recurring vulnerability, alongside plugins with high severity issues that may need attention.<\/p>\n","protected":false},"author":27,"featured_media":161171,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[153,201],"tags":[69],"class_list":["post-161837","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-wordpress-solutions","category-shieldnotes","tag-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts\/161837","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/comments?post=161837"}],"version-history":[{"count":4,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts\/161837\/revisions"}],"predecessor-version":[{"id":161843,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts\/161837\/revisions\/161843"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/media\/161171"}],"wp:attachment":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/media?parent=161837"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/categories?post=161837"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/tags?post=161837"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}