Multiple Vulnerabilities in WordPress Plugins

 

Systems Affected


WordPress Polldaddy Polls & Ratings Plugin prior to 2.0.25
WordPress EasyCart Plugin prior to 2.0.6
WordPress Tera Charts Plugin prior to 0.1
WordPress NextGEN Gallery Plugin prior to 2.0.65

Threat Level


High


Overview


Multiple vulnerabilities have been reported in various plugins for WordPress which could be exploited by a remote attacker to disclose information, upload arbitrary files, and conduct cross-site scripting and directory traversal attacks.


Description


1. WordPress Polldaddy Polls & Ratings Plugin Cross-site Scripting Vulnerability (CVE-2014-4856)
A cross-site scripting (XSS) vulnerability exists in the Polldaddy Polls & Ratings plugin for WordPress due to improper sanitization of user-supplied input. A remote attacker could exploit this vulnerability to execute arbitrary web script or HTML via vectors related to a ratings shortcode and a unique ID.

2. WordPress Tera Charts Plugin Directory Traversal Vulnerabilities (CVE-2014-4940)
These vulnerabilities exist in the Tera Charts plugin for WordPress and could allow a remote attacker to execute arbitrary files by supplying .. (dot dot) sequences in the fn parameter of charts/treemap.php or charts/zoomabletreemap.php.

3. WordPress EasyCart Plugin Information Disclosure Vulnerability (CVE-2014-4942)
This vulnerability exists in the EasyCart (wp-easycart) plugin for WordPress. A remote attacker could exploit it by invoking the phpinfo() function through a request to inc/admin/phpinfo.php, allowing the attacker to obtain server configuration information.

4. WordPress NextGEN Gallery Plugin Arbitrary File Upload Vulnerability
This vulnerability exists in the NextGEN Gallery plugin for WordPress due to improper verification of the MIME type of uploaded image files. On successful exploitation, a remote attacker could upload and execute arbitrary PHP code.
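Items 2 and 3 above describe request patterns that are visible in ordinary web server access logs: a .. (dot dot) sequence in the fn parameter of the Tera Charts scripts, and any request reaching the EasyCart phpinfo.php page. The following detector is an added example written for this advisory, not code from Sri Lanka CERT|CC or from any of the plugins. It parses combined-format access log lines (the sample lines, IP addresses and timestamps are constructed for illustration) and flags hits for both CVEs; the plugin paths under wp-content/plugins/ are assumed to be the default install locations.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access log lines (Apache/nginx combined-log style).
# Addresses and timestamps are illustrative, not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jul/2014:10:01:02 +0000] "GET /wp-content/plugins/tera-charts/charts/treemap.php?fn=data.csv HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jul/2014:10:01:09 +0000] "GET /wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../wp-config.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jul/2014:10:02:15 +0000] "GET /wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=..%2F..%2Fwp-config.php HTTP/1.1" 200 3120 "-" "curl/7.30"
198.51.100.9 - - [10/Jul/2014:10:03:44 +0000] "GET /wp-content/plugins/wp-easycart/inc/admin/phpinfo.php HTTP/1.1" 200 65000 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jul/2014:10:04:01 +0000] "GET /index.php HTTP/1.1" 200 8000 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Script paths named in the advisory (CVE-2014-4940 and CVE-2014-4942).
TERA_CHARTS_SCRIPTS = ("charts/treemap.php", "charts/zoomabletreemap.php")
EASYCART_PHPINFO = "inc/admin/phpinfo.php"


def has_traversal(value):
    """True if a query value contains a '..' path segment after decoding.

    parse_qs already decodes one layer of percent-encoding; decoding twice
    more catches double-encoded forms such as %252e%252e. Backslashes are
    normalised to '/' before splitting into segments.
    """
    decoded = unquote(unquote(value)).replace("\\", "/")
    return ".." in decoded.split("/")


def classify(line):
    """Return a finding dict for a suspicious log line, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # not a combined-format line; skip rather than guess
    parts = urlsplit(m.group("target"))
    path = parts.path
    base = {"ip": m.group("ip"), "ts": m.group("ts"),
            "status": m.group("status"), "target": m.group("target")}

    # Any request for the EasyCart phpinfo page is worth reviewing.
    if path.endswith(EASYCART_PHPINFO):
        return dict(base, rule="CVE-2014-4942 EasyCart phpinfo.php request")

    # Tera Charts: only the fn parameter carrying '..' segments is suspicious.
    if path.endswith(TERA_CHARTS_SCRIPTS):
        for fn in parse_qs(parts.query).get("fn", []):
            if has_traversal(fn):
                return dict(base, rule="CVE-2014-4940 Tera Charts fn traversal",
                            fn=fn)
    return None


def scan(log_text):
    """Run classify() over every line and return the list of findings."""
    return [hit for hit in (classify(l) for l in log_text.splitlines()) if hit]


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} {hit["rule"]} -> {hit["target"]}')
```

A 200 status on a flagged Tera Charts request is the case to prioritise, since it indicates the server served the requested file; for phpinfo.php, a 200 means configuration details were disclosed and the plugin should be upgraded or the file removed. Point scan() at a real log file and feed it line by line for anything larger than a few megabytes.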


Impact



Solution/ Workarounds


Upgrade each affected plugin to the latest version, as described in the changelogs linked below:
https://wordpress.org/plugins/polldaddy/changelog/
http://wordpress.org/plugins/tera-charts/changelog/
https://wordpress.org/plugins/nextgen-gallery/changelog/
https://wordpress.org/plugins/wp-easycart/changelog/


References


http://www.cert-in.org.in/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.

© Copyright Sri Lanka CERT|CC. All Rights Reserved.