590,000 WordPress Sites Vulnerable Due to Critical Plugin Vulnerability

590,000 WordPress sites are at risk of being taken over by attackers due to a critical vulnerability in a plugin. The developer of NextGen Gallery , the plug-in in question, has released a security update. However, only a mere 27 percent of the more than 800,000 WordPress sites using the plugin have the update installed.

NextGen Gallery allows WordPress sites to add a photo gallery to their website. Researchers from security company Wordfence discovered two vulnerabilities in the plug-in last December. The impact of one of these vulnerabilities (CVE-2020-35942) has been rated 9.6 in severity on a scale of 1 to 10.

The vulnerability is caused by a logical error in the function that assesses whether certain requests are allowed. An attacker could execute code remotely through cross-site request forgery (CSRF). The attack does require some social engineering. For example, a logged-in administrator must click on a link of the attacker and at least one photo album of the website must be accessible to the attacker.

The developer of the plug-in was notified on December 15th and released an update two days later. This version, 3.5.0, has been installed by just under 27 percent of the more than 800,000 websites. This means that about 590,000 WordPress sites are still with a vulnerable version of the plug-in. Administrators of these sites are advised to install the update as soon as possible as details of the vulnerability have been disclosed.

Previous Post Next Post