Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Attackers exploit vulnerabilities in two WordPress plugins

Attackers exploit vulnerabilities in two WordPress plugins


Millions of WordPress websites are at risk due to the exploitation of a vulnerability within two widely used WordPress plugins.  The plugins are “JetPack”, a customization and performance tool, and “Twenty Fifteen”, used for infinite scrolling. WordPress installs “Twenty Fifteen” by default, which increases the number of vulnerable sites. Both plugins use a package called genericons, which contains vector icons embedded in a font. In the package, there is an insecure file called example.html which makes the package vulnerable. The vulnerability in genericons is hard to detect. It is an XSS (cross-site scripting) flaw in which the malicious payload runs as a result of modifying a browser’s DOM (Document Object Model), which is a programming API that defines how HTML and XML documents are accessed and displayed. The payload that is delivered is executed directly in the browser and does not go to the server. That means Web application firewalls cannot see it and stop it.
 
Read More:
 
Source:
 
Computer World
 
Security Week
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis