Multiple Vulnerabilities in WordPress Plugins


Systems Affected

WordPress Polldaddy Polls & Ratings Plugin prior to 2.0.25
WordPress EasyCart Plugin prior to 2.0.6
WordPress Tera Charts Plugin prior to 0.1
WordPress NextGEN Gallery Plugin prior to 2.0.65

Threat Level



Multiple vulnerabilities have been reported in various plugins for WordPress which could be exploited by a remote attacker to disclose information, upload arbitrary files, and conduct cross-site scripting and directory traversal attacks.


1. WordPress Polldaddy Polls & Ratings Plugin Cross-site Scripting Vulnerability (CVE-2014-4856)
A cross-site scripting (XSS) vulnerability exists in the Polldaddy Polls & Ratings plugin for WordPress due to improper sanitization of user-supplied input. A remote attacker could exploit this vulnerability to execute arbitrary web script or HTML via vectors related to a ratings shortcode and a unique ID.

2. WordPress Tera Charts Plugin Directory Traversal Vulnerabilities (CVE-2014-4940)
These vulnerabilities exist in the Tera Charts plugin for WordPress and could allow a remote attacker to execute arbitrary files by using .. (dot dot) sequences in the fn parameter of charts/treemap.php or charts/zoomabletreemap.php.
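As an added example, not code from this advisory or from the Tera Charts plugin, the following PHP function shows the defensive pattern that closes a traversal like the one described for the fn parameter: restrict the requested name to a strict allow-list, resolve it with realpath(), and confirm the result still lies under the intended data directory. The function name, the data directory and the sample file names are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Resolve $requestedName inside $baseDir and return its absolute path, or
 * null if the name escapes the directory or is not an allowed data file.
 * (Hypothetical helper; not part of any real plugin.)
 */
function resolve_chart_file(string $baseDir, string $requestedName): ?string
{
    // Allow only a plain file name with a data extension: no slashes,
    // no "..", no NUL bytes, no percent-encoding left to decode later.
    if (!preg_match('/\A[A-Za-z0-9_\-]+\.(json|csv)\z/', $requestedName)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requestedName);
    // realpath() collapses any remaining ".." and returns false for a
    // missing file; the prefix check below is defence in depth so that a
    // symlink inside the data directory cannot point outside it.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($candidate === false || strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Demonstration on a constructed data directory in the temp folder.
$dataDir = sys_get_temp_dir() . '/chart-data-' . bin2hex(random_bytes(4));
mkdir($dataDir, 0700);
file_put_contents($dataDir . '/sales.json', '{"region": "north", "total": 42}');

$cases = [
    'sales.json',               // legitimate request: resolved and allowed
    '../../../../etc/passwd',   // classic traversal: rejected by the allow-list
    '..\\..\\wp-config.php',    // backslash variant: rejected by the allow-list
    "sales.json\0.txt",         // NUL-byte trick: rejected by the allow-list
    'missing.json',             // well-formed but absent: realpath() fails
];
foreach ($cases as $fn) {
    $path = resolve_chart_file($dataDir, $fn);
    printf("%-28s => %s\n", str_replace("\0", '\0', $fn), $path === null ? 'REJECTED' : 'OK');
}

unlink($dataDir . '/sales.json');
rmdir($dataDir);
```

Only the first case resolves to a path; every other request is refused before any file is opened.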

3. WordPress EasyCart Plugin Information Disclosure Vulnerability (CVE-2014-4942)
This vulnerability exists in the EasyCart (wp-easycart) plugin for WordPress. A remote attacker could exploit it by sending a request to inc/admin/phpinfo.php, which calls the phpinfo function, allowing the attacker to obtain configuration information about the server.

4. WordPress NextGEN Gallery Plugin Arbitrary File Upload Vulnerability
This vulnerability exists in the NextGEN Gallery plugin for WordPress due to improper verification of the MIME type of uploaded image files. On successful exploitation, a remote attacker could upload and execute arbitrary PHP code.


Solution/ Workarounds

  ✻  Update to the latest version of Mozilla's Firefox on Windows, Linux and Mac.



The information provided herein is on "as is" basis, without warranty of any kind.


© Copyright Sri Lanka CERT|CC. All Rights Reserved.