SNS Vulnerability

Wordpress Multiple Third Party Plugins Multiple Vulnerabilities

Description

(#Several vulnerabilities have been identified in third party plugins for WordPress:#- Font: path traversal vulnerability in the 'font/AjaxProxy.php' file (CVE-2015-7683)#- Pie-register: blind SQL injection exploitable by a remote authenticated attacker (CVE-2015-7682)#- Pie-register: cross-site scripting (CVE-2015-7377)#- JM Twitter Cards : full path disclosure in the 'esc_html_e()' function##Proofs of concept are available.)

Vulnerable Products

Vulnerable Software:
WordPress (WordPress) -

Solution

- jm-twitter-cards: 6.2

CVE

CVE-2015-7683
CVE-2015-7682
CVE-2015-7377

References

- 0day : WordPress Font 7.5 Path Traversal Vulnerability
http://0day.today/exploit/24418
- WPScan : Pie-Register <= 2.0.18 - Authenticated Blind SQL Injection
https://wpvulndb.com/vulnerabilities/8213
- WPScan : Pie-Register <= 2.0.18 - Unauthenticated Reflected Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8212
- dwx : Full Path Disclosure vulnerability in JM Twitter Cards reveals the location of the WordPress installation on the server
https://security.dxw.com/advisories/full-path-disclosure-vulnerability-in-jm-twitter-cards-reveals-the-location-of-the-wordpress-installation-on-the-server/

Vulnerability Manager Detection

IPS Protection

ASQ Engine alarm	Available Since
Misc : Directory traversal - parameter starting with ../	3.2.0
SQL injection Prevention - GET : suspicious OR statement in URL	3.2.0
SQL injection Prevention - GET : suspicious combination of 'OR' or 'AND' statements in URL	3.2.0
SQL injection Prevention - GET : suspicious CREATE statement in URL	3.2.0
SQL injection Prevention - GET : suspicious CAST statement in URL	3.2.0
SQL injection Prevention - GET : suspicious OPENROWSET statement in URL	3.2.0
SQL injection Prevention - GET : suspicious DECLARE statement in URL	3.2.0
Directory traversal using ..\..	3.2.0
SQL injection Prevention - GET : suspicious OPENQUERY statement in URL	3.2.0
SQL injection Prevention - GET : suspicious shutdown statement in URL	3.2.0
Directory traversal	3.2.0
SQL injection Prevention - GET : suspicious UNION SELECT statement in URL	3.2.0
SQL injection Prevention - GET : possible database version probing	3.2.0
SQL injection Prevention - GET : suspicious UPDATE SET statement in URL	3.2.0
SQL injection Prevention - GET : suspicious SELECT statement in URL	3.2.0
SQL injection Prevention - GET : suspicious INSERT statement in URL	3.2.0
SQL injection Prevention - GET : suspicious DROP statement in URL	3.2.0
SQL injection Prevention - GET : suspicious EXEC statement in URL	3.2.0
SQL injection Prevention - GET : block comment delimiters in URL	3.2.0
Directory traversal backward root folder	3.2.0
XSS vulnerability in Pie Register	5.0.0
SQL injection Prevention - GET : Authentication bypass attempt with OR statement	5.0.0

Risk level

Moderate

Vulnerability First Public Report Date

2015-10-14

Target Type

Server

Possible exploit

Remote