WordPress users have been urged to check their security protection after a bug that could have allowed hackers to wipe entire sites was uncovered.
Two new vulnerabilities were found in a WordPress plugin by the Wordfence Threat Intelligence team that posed a threat to over 80,000 websites.
The flaws were found in the Nested Pages WordPress plugin, and included a Cross-Site Request Forgery vulnerability that allowed posts and pages to be deleted, unpublished or assigned to a different author in bulk. A separate open redirect vulnerability was also found.
- Here is a list of the best website builders on the market
- Also take a look at these best WordPress themes
- These are the best WordPress SEO plugins
The Wordfence team said that the plugin author released a patched version of the plugin, version 3.1.16, a few hours after it was brought to their attention.
WordPress plugin flaw
Due to the nature of Cross-Site Request Forgery vulnerabilities, there is no way of providing protection for these vulnerabilities without blocking legitimate requests, thus the Wordfence team advised website owners to update to the latest patched version of Nested Pages for website protection.
The Nested Pages plugin allows website owners to manage page structure via drag and drop functionality, and perform actions on multiple pages at the same time, including bulk page deletion and modification of page metadata, including page author and publication status.
Not only did the vulnerabilities leave websites exposed to attackers that could trick administrators into sending a request that could reassign pages to a different author, but it also left websites vulnerable to open redirects that could be used to trick visitors into entering credentials on a phishing site by appearing to be a link to a trusted website.
"With most CSRF attacks, the victim lands on the page used to make the changes they were tricked into making, which could tip them off that something has gone wrong, especially if the changes are visible on the page," wrote the Wordfence Threat Intelligence team.
"The ability to chain an open redirect to the CSRF attack makes it easier for an attacker to exploit the CSRF attack and redirect the victim to another page without immediately raising suspicion."
- Take a look at our list of the best DDoS protection available