Descripción
A lo largo del mes de abril y principios de mayo se han ido publicando diversas vulnerabilidades que afectan a varios plugins de WordPress. Todos ellos se deben por ser del tipo Cross Site Scripting (XSS), tanto persistente como reflejado como sin autenticar.
Recursos afectados
A continuación, se indican el nombre de los afectados, la vulnerabilidad, severidad y la versión en los que se han corregido los fallos de seguridad:
| Plugin | Vulnerability | Severity | Patched version |
|---|---|---|---|
| goto | Reflected XSS | Low | 2 |
| bello | Unauthenticated SQL Injection | high | 1.5.8 |
| add-search-to-menu | Reflected XSS | Low | 4.6.1 |
| cooked-pro | Reflected XSS | Low | 1.7.5.6 |
| advanced-booking-calendar | Authenticated XSS | Low | 1.6.8 |
| woocommerce-customers-manager | Authenticated XSS | Low | 26.7 |
| wp-pagebuilder | Multiple Stored Cross-Site Scripting | Medium | 1.2.4 |
| advanced-custom-fields-pro | Reflected XSS | Low | 5.9.1 |
| essential-addons-for-elementor-lite | Multiple Authenticated XSS | Medium | 4.5.4 |
| header-footer-elementor | Multiple Authenticated Stored XSS | Medium | 1.5.8 |
| ultimate-elementor | Multiple Authenticated Stored XSS | Medium | 1.30.0 |
| premium-addons-for-elementor | Multiple Authenticated Stored XSS | Medium | 4.2.8 |
| elementskit-lite | Multiple Authenticated Stored XSS | Medium | 2.2.0 |
| addon-elements-for-elementor-page-builder | Multiple Authenticated XSS | Low | 1.11.2 |
| addons-for-elementor | Multiple Authenticated Stored XSS | Medium | 6.8 |
| ht-mega-for-elementor | Multiple Authenticated Stored XSS | Medium | 1.5.7 |
| woolentor-addons | Multiple Authenticated Stored XSS | Medium | 1.8.6 |
| powerpack-lite-for-elementor | Multiple Authenticated Stored XSS | Medium | 2.3.2 |
| image-hover-effects-addon-for-elementor | Multiple Authenticated Stored XSS | Medium | 1.3.4 |
| rife-elementor-extensions | Multiple Authenticated Stored XSS | Medium | 1.1.6 |
| the-plus-addons-for-elementor-page-builder | Multiple Authenticated Stored XSS | Medium | 2.0.6 |
| widgetkit-for-elementor | Multiple Authenticated Stored XSS | Medium | 2.3.10 |
| jetwidgets-for-elementor | Multiple Authenticated Stored XSS | Medium | 1.0.9 |
| sina-extension-for-elementor | Multiple Authenticated Stored XSS | Medium | 3.3.12 |
| dethemekit-for-elementor | Multiple Authenticated Stored XSS | Medium | 1.5.5.5 |
| easy-digital-downloads1 | Cross-Site Request Forgery | Low | 2.10.3 |
| slider-range-htapps | Unauthenticated XSS | Low | 1.1.10 |
| woo-billing-with-invoicexpress | Unauthenticated XSS | Low | 3.0.3 |
| seo-redirection | Multiple Authenticated Stored XSS | Medium | 6.4 |
| seo-redirection | Unauthenticated XSS | Low | 6.4 |
| all-404-redirect-to-homepage | Multiple Authenticated Stored XSS | Medium | 1.21 |
| give | Authenticated Persistent XSS | Medium | 2.10.2 |
| rss-for-yandex-turbo | Authenticated Persistent XSS | Medium | 1.3 |
| wp-db-backup | Authenticated Persistent XSS | Medium | 2.4 |
| better-wp-security | Hide Backend Bypass vulnerability | Medium | 7.9.1 |
| ultimate-maps-by-supsystic | Reflected XSS | Low | 1.2.5 |
| popup-by-supsystic | Reflected XSS | Low | 1.10.5 |
| goto | Unauthenticated Blind SQL Injection | high | 2.1 |
| wp-super-cache | Authenticated Persistent XSS | Medium | 1.7.3 |
| woocommerce | Authenticated Persistent XSS | Medium | 5.2.0 |
| nextgen-gallery-pro | Reflected XSS | Low | 3.1.11 |
| select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons | Reflected XSS | Low | 1.3.2 |
| accordions | Authenticated Reflected XSS | Low | 2.2.30 |
Solución
Para solucionar todas estas vulnerabilidades, actualizar a la versión indicada previamente en cada uno de los diferentes plugins. Con actualizar el propio WordPress no es suficiente, los plugins también pueden ser un vector de ataque.
