Geeks for your information News Privacy & Security News v
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,067 in 3,839 posts
Thanks Given: 6,263
Joined: 12 September 18
#1
Information  14 January 21, 15:13 (This post was last modified: 14 January 21, 15:13 by silversurfer.)
Quote:Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website.
 
Orbit Fox is a multi-featured WordPress plugin that works with the Elementor, Beaver Builder and Gutenberg site-building utilities. It allows site administrators to add features such as registration forms and widgets. The plugin, from a developer called ThemeIsle, has been installed by 400,000+ sites.
 
According to researchers at Wordfence, the first flaw (CVEs are pending) is an authenticated privilege-escalation flaw that carries a CVSS bug-severity score of 9.9, making it critical. Authenticated attackers with contributor level access or above can elevate themselves to administrator status and potentially take over a WordPress site.
 
The second bug meanwhile is an authenticated stored cross-site scripting (XSS) issue that allows attackers with contributor or author level access to inject JavaScript into posts. This injection could be used to redirect visitors to malvertising sites or create new administrative users, among other actions. It’s rated 6.4 on the CVSS scale, making it medium severity.
 
The privilege-escalation bug exists in the Orbit Fox registration widget, according to researchers.
The widget is used to create registration forms with customizable fields when using the Elementor and Beaver Builder page-builder plugins. Site administrators can set a default role to be assigned to users who register on the site using the form.
 
“Lower-level users like contributors, authors, and editors were not shown the option to set the default user role from the editor. However, we found that they could still modify the default user role by crafting a request with the appropriate parameter,” Wordfence researchers explained, in a Tuesday posting. “The plugin provided client-side protection to prevent the role selector from being shown to lower-level users while adding a registration form. Unfortunately, there were no server-side protections or validation to verify that an authorized user was actually setting the default user role in a request.”

Read more: https://threatpost.com/orbit-fox-wordpre...gs/163020/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Advanced SystemCare PRO 17
Advanced SystemCare ...zevish — 10:04
How to install iOS 16 or iPadOS 16 publ...
IPhone X I Just buyi...thomasan — 08:30
Brave 1.65.114
Release Channel 1....harlan4096 — 06:53
Brave Search: Answer with AI takes over,...
Brave Search's new...harlan4096 — 06:33
Waterfox G6.0.12
Waterfox G6.0.12​ ...harlan4096 — 15:56

[-]
Birthdays
Today's Birthdays
avatar (36)RobertUtelt
Upcoming Birthdays
avatar (43)wapedDow
avatar (42)techlignub
avatar (41)Stevenmam
avatar (48)onlinbah
avatar (49)steakelask
avatar (43)Termoplenka
avatar (41)bycoPaist
avatar (47)pieloKat
avatar (41)ilyagNeexy
avatar (49)donitascene
avatar (49)Toligo

[-]
Online Staff
jasonX's profile jasonX
Administrator

>