Geeks for your information News Privacy & Security News v
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
Information  14 January 21, 15:13 (This post was last modified: 14 January 21, 15:13 by silversurfer.)
Quote:Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website.
 
Orbit Fox is a multi-featured WordPress plugin that works with the Elementor, Beaver Builder and Gutenberg site-building utilities. It allows site administrators to add features such as registration forms and widgets. The plugin, from a developer called ThemeIsle, has been installed by 400,000+ sites.
 
According to researchers at Wordfence, the first flaw (CVEs are pending) is an authenticated privilege-escalation flaw that carries a CVSS bug-severity score of 9.9, making it critical. Authenticated attackers with contributor level access or above can elevate themselves to administrator status and potentially take over a WordPress site.
 
The second bug meanwhile is an authenticated stored cross-site scripting (XSS) issue that allows attackers with contributor or author level access to inject JavaScript into posts. This injection could be used to redirect visitors to malvertising sites or create new administrative users, among other actions. It’s rated 6.4 on the CVSS scale, making it medium severity.
 
The privilege-escalation bug exists in the Orbit Fox registration widget, according to researchers.
The widget is used to create registration forms with customizable fields when using the Elementor and Beaver Builder page-builder plugins. Site administrators can set a default role to be assigned to users who register on the site using the form.
 
“Lower-level users like contributors, authors, and editors were not shown the option to set the default user role from the editor. However, we found that they could still modify the default user role by crafting a request with the appropriate parameter,” Wordfence researchers explained, in a Tuesday posting. “The plugin provided client-side protection to prevent the role selector from being shown to lower-level users while adding a registration form. Unfortunately, there were no server-side protections or validation to verify that an authorized user was actually setting the default user role in a request.”

Read more: https://threatpost.com/orbit-fox-wordpre...gs/163020/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Actual Microsoft Azure AZ-900 Certificat...
Our AZ-900 exam dump...jacklim — 12:35
Microsoft Releases Windows 11 Insider Bu...
Microsoft has roll...harlan4096 — 09:22
WhatsApp Is Developing On-Device Scam De...
Meta is working on...harlan4096 — 09:21
Apple Announces macOS 27 Golden Gate, Dr...
Apple announced ma...harlan4096 — 07:38
AnyDesk 9.7.5 for Windows
Version 9.7.5 for ...harlan4096 — 06:00

[-]
Birthdays
Today's Birthdays
avatar (42)zacforat
avatar (47)NemrokReks
Upcoming Birthdays
avatar (39)Tedscolo
avatar (46)brakasig
avatar (45)JamesReshy
avatar (47)Francisemefe
avatar (40)leoniDup
avatar (39)Patrizaancem
avatar (39)biobdam
avatar (38)Barrackleve
avatar (40)Julioagopy
avatar (50)aolaupitt2558
avatar (40)storoBox
avatar (48)kinotHeemn
avatar (39)Ceballos1976
avatar (40)efynu
avatar (32)horancos

[-]
Online Staff
zevish's profile zevish

>