XSS Bug in SEOPress WordPress Plugin Allows Site Takeover
#1
Information 
Quote:A stored cross-site scripting (XSS) vulnerability in the SEOPress WordPress plugin could allow attackers to inject arbitrary web scripts into websites, researchers said.
 
SEOPress is a search engine optimization (SEO) tool that lets site owners manage SEO metadata, social-media cards, Google Ad settings and more. It’s installed on more than 100,000 sites.
 
“One feature the plugin implements is the ability to add a SEO title and description to posts, and this can be done while saving edits to a post or via a newly introduced REST-API endpoint,” researchers at Wordfence said in a Monday blog post. “Unfortunately, this REST-API endpoint was insecurely implemented.”
 
The bug (CVE-2021-34641) allows any authenticated user, like a subscriber, to call the REST route with a valid nonce, and to update the SEO title and description for any post.
 
“The permissions_callback for the endpoint only verified if the user had a valid REST-API nonce in the request,” according to the posting. “A valid REST-API nonce can be generated by any authenticated user using the rest-nonce WordPress core AJAX action.”

Read more: XSS Bug in SEOPress WordPress Plugin Allows Site Takeover | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>