Persistent XSS Vulnerability Discovered in WP Super Cache Plugin

[djbaxter]

Persistent XSS Vulnerability Discovered in WP Super Cache Plugin
by Sarah Gooding, WordPress Tavern
April 8, 2015

The security team at Sucuri has issued an advisory for WordPress users who have the WP Super Cache plugin activated on their sites. The popular caching plugin contains a dangerous persistent XSS vulnerability that was promptly patched in its 1.4.4 release.


Sucuri ranks the risk as ?Dangerous? with a DREAD score of 8/10. Exploiting the vulnerability is relatively easy for an attacker intent on injecting a backdoor. Sucuri breaks down the technical details of the threat as follows:

Using this vulnerability, an attacker using a carefully crafted query could insert malicious scripts to the plugin?s cached file listing page. As this page requires a valid nonce in order to be displayed, a successful exploitation would require the site?s administrator to have a look at that particular section, manually.

When executed, the injected scripts could be used to perform a lot of other things like adding a new administrator account to the site, injecting backdoors by using WordPress theme edition tools, etc.

Make certain your plugins are updated to the latest versions!

Read more...