<
>

CyberSecurity Asean security alert on A Vulnerability in WordPress InfiniteWP Client Plugin Could Allow for Authentication Bypass

This alert is originally published and can be viewed at https://www.cisecurity.org

OVERVIEW:
A vulnerability has been discovered in the Revmakx InfiniteWP Client Plugin that could allow for authentication bypass. WordPress is a web-based publishing application implemented in PHP, and the Revmakx InfiniteWP Client Plugin allows website administrators to manage an unlimited number of WordPress sites from a centralized management server. Successful exploitation of this vulnerability could allow for authentication bypass with admin privileges.
 
THREAT INTELLIGENCE:
On January 14th, WebARX published a proof-of-concept for this flaw in WordPress InfiniteWP Client Plugin. The PoC is available at https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/
 
SYSTEM AFFECTED:
· Revmakx InfiniteWP Client Plugin prior to 1.9.4.5
 
RISK:
Government:

  • Large and medium government entities: High

  • Small government entities: Medium

Businesses:

  • Large and medium business entities: High

  • Small business entities: Medium

Home users: Low
 
TECHNICAL SUMMARY:
A vulnerability has been discovered in the Revmakx InfiniteWP Client Plugin that could allow for authentication bypass. This vulnerability exists because the plugin fails to properly authenticate users accessing the iwp_mmb_set_request function in the init.php file. An unauthenticated attacker can exploit this issue by encoding the payload containing the admin username with JSON, then Base64 and sending it via POST request to the affected site. Successful exploitation of this vulnerability could allow for authentication bypass with admin privileges.
 
RECOMMENDATIONS:
We recommend the following actions be taken:

  • Apply appropriate updates provided by Revmakx manually to affected systems, immediately after appropriate testing.

  • Apply the Principle of Least Privilege to all systems and services.

  • Verify no unauthorized system modifications have occurred on system before applying patch.

  • Monitor intrusion detection systems for any signs of anomalous activity.

  • Unless required, limit external network access to affected products.

 
REFERENCES:
WordPress:
https://wordpress.org/plugins/iwp-client/
 
Bleeping Computer:
https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-allows-admin-logins-without-password/

You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments