Platform
wordpress
Component
wpo365-login
Fixed in
15.4
CVE-2021-43409 is a stored (persistent) Cross-Site Scripting (XSS) vulnerability in the WPO365 | LOGIN WordPress plugin. Script injected by an attacker is saved by the application and later executed in the browsers of other users who view the affected page, which can lead to account compromise and data theft. Plugin versions up to and including 15.3 are affected; the fix ships in version 15.4.
The impact of a stored XSS is significant. Arbitrary JavaScript runs in the context of other users' browsers and sessions, and can be used to steal session cookies, redirect users to attacker-controlled sites, deface the site, or take over user accounts. Because the script is stored server-side, it fires every time the page is rendered, so a single injection gives repeated exploitation with no further action from the attacker. Successful exploitation can expose sensitive data such as credentials and personal information and can compromise the whole WordPress site.
CVE-2021-43409 was publicly disclosed on November 19, 2021. No active exploitation campaign has been definitively linked to this CVE, but public proof-of-concept exploits exist and the vulnerability is easy to trigger, so it should be treated as a high-priority fix.
Any site running the WPO365 | LOGIN plugin at version 15.3 or earlier is at risk. Sites on shared hosting are often slower to patch because the owner has limited control over plugin updates and security configuration; sites holding sensitive user data or integrated with other critical systems face the largest impact.
• wordpress / composer / npm:
grep -r 'wpo365.com/login' /var/www/html/wp-content/plugins/
• wordpress / composer / npm:
wp plugin list --field=name | grep -i wpo365 | xargs wp plugin update
• wordpress / composer / npm:
wp plugin status | grep -i wpo365
Exploit status
EPSS
0.59% (percentile 69%)
CVSS vector
The primary mitigation for CVE-2021-43409 is to upgrade the WPO365 | LOGIN plugin to version 15.4 or later without delay. If the upgrade cannot be applied immediately because of compatibility concerns, a Web Application Firewall (WAF) rule that blocks requests carrying script-injection patterns (for example `<script`, `onerror=` or `javascript:` in parameters sent to the plugin's settings pages) reduces exposure, but it is only a stopgap: WAF signatures are routinely bypassed, so it must not replace the patch. Developers maintaining custom code next to the plugin should apply the same lesson, validating input and HTML-encoding output (WordPress's esc_html()/esc_attr() family) so that a stored value can never be rendered as markup. After upgrading, confirm the fix on a staging copy by saving a harmless marker string such as `<b>xsscheck</b>` in a plugin setting and checking that the rendered settings page shows it HTML-encoded rather than interpreting it as markup.
Update the WPO365 | LOGIN plugin to version 15.4 or later. This update fixes the stored XSS vulnerability. You can update the plugin directly from the WordPress admin dashboard.
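As an added example (not code from this page or from the WPO365 project), the following Python script automates the two checks described here: it reads the installed plugin's version from the plugin file header (the same information the wp-cli commands above print), compares it numerically against the fixed release 15.4, and, after the upgrade, confirms that a harmless marker saved in a setting comes back HTML-encoded instead of as live markup. The plugin header text, the `wpo365_setting` field name and the marker string are constructed for the example; only the fixed version 15.4 comes from the advisory.

```python
from __future__ import annotations

import html
import re

FIXED_VERSION = "15.4"  # first fixed release according to the advisory

# Constructed sample of a WordPress plugin header block. This is NOT the real
# wpo365-login plugin file, only the header fields WordPress itself reads.
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: WPO365 | LOGIN
 * Plugin URI: https://www.wpo365.com/login/
 * Version: 15.3
 */
"""

# Inert marker for the post-upgrade check; it is not an exploit payload.
MARKER_PAYLOAD = "<b>xsscheck42</b>"


def parse_version(tag: str) -> tuple[int, ...]:
    """Split '15.4' into (15, 4) so comparisons are numeric.

    A plain string compare ranks '15.10' below '15.4'; tuples of ints order
    releases correctly.
    """
    return tuple(int(part) for part in re.findall(r"\d+", tag))


def header_version(plugin_main_file: str) -> str | None:
    """Return the 'Version:' field from a WordPress plugin file header."""
    match = re.search(r"^\s*\*?\s*Version:\s*(\S+)", plugin_main_file, re.MULTILINE)
    return match.group(1) if match else None


def is_affected(version: str) -> bool:
    """True when the installed version predates the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def marker_rendered_safely(rendered_html: str, payload: str = MARKER_PAYLOAD) -> bool:
    """Check how the saved marker comes back in the rendered settings page.

    Safe means the raw markup is absent and its entity-encoded form is
    present, i.e. the plugin now escapes the stored value on output.
    """
    escaped = html.escape(payload, quote=False)
    return payload not in rendered_html and escaped in rendered_html


if __name__ == "__main__":
    version = header_version(SAMPLE_PLUGIN_HEADER)
    if version is None:
        raise SystemExit("no Version: header found in plugin file")
    print(f"installed: {version}, affected: {is_affected(version)}")

    # Constructed responses (field name wpo365_setting is hypothetical):
    # an unpatched page echoes the marker verbatim, a patched page encodes it.
    unpatched = '<input name="wpo365_setting" value="<b>xsscheck42</b>">'
    patched = '<input name="wpo365_setting" value="&lt;b&gt;xsscheck42&lt;/b&gt;">'
    print("unpatched renders safely:", marker_rendered_safely(unpatched))
    print("patched renders safely:", marker_rendered_safely(patched))
```

To use it against a real install, read the plugin's main file from wp-content/plugins/wpo365-login/ into header_version(), and feed the HTML of the settings page (fetched with an authenticated session after saving the marker) into marker_rendered_safely(). Both checks are read-only and leave no script in the database beyond the inert marker, which should be removed afterwards.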
CVE-2021-43409 is a stored Cross-Site Scripting (XSS) vulnerability in the WPO365 | LOGIN WordPress plugin that lets an attacker persist malicious script which then executes in other users' browsers.
You are affected if you run WPO365 | LOGIN at version 15.3 or earlier (any release before 15.4).
Upgrade the WPO365 | LOGIN plugin to version 15.4 or later. A WAF rule is an acceptable temporary mitigation only until the upgrade is applied.
While no confirmed active campaigns are publicly known, the vulnerability's ease of exploitation makes it a high-priority risk.
Refer to the WPO365 website and WordPress plugin repository for the latest advisory and update information.