Multiple vulnerabilities in WP Comment Remix 1.4.3
A number of vulnerabilities have been discovered in the WP Comment Remix 1.4.3 plugin.
The following is a short overview of the vulnerabilities discovered:
- SQL Injection: caused by the unsanitized request variable "p" in the ajax_comments.php file.
- Cross-Site Scripting: affects both authenticated and unauthenticated users.
- Cross-Site Request Forgery: the form generated through wpcr_do_options_page lacks the WordPress wp_nonce protection, so a submitted form is not verified as originating from the site itself.
These vulnerabilities are rated HIGH risk. The latest version (1.4.4) apparently addresses these issues.
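The three weaknesses listed above each map to a standard WordPress mitigation: bind request parameters through $wpdb->prepare() instead of concatenating them into SQL, escape values at output time with esc_html()/esc_attr(), and protect state-changing admin forms with wp_nonce_field() plus check_admin_referer(). The following is an added illustration of those three guards in a hypothetical plugin, not code from WP Comment Remix or from the advisory; the function, action and option names prefixed example_remix_ are assumptions, and only the WordPress API calls are real.

```php
<?php
// Added hardening example (not the plugin's own code). All example_remix_*
// names are hypothetical; the WordPress functions used are real.

// --- 1. SQL injection: the "p" request variable ---------------------------
// Cast the value to an integer and bind it through $wpdb->prepare(); the
// query text never contains raw request input.
function example_remix_recent_comments() {
    global $wpdb;

    $post_id = isset( $_GET['p'] ) ? absint( $_GET['p'] ) : 0;
    if ( 0 === $post_id ) {
        wp_send_json_error( 'missing post id', 400 );
    }

    $rows = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT comment_ID, comment_author, comment_content
               FROM {$wpdb->comments}
              WHERE comment_post_ID = %d AND comment_approved = '1'
              ORDER BY comment_date_gmt DESC
              LIMIT %d",
            $post_id,
            10
        )
    );

    // --- 2. Cross-site scripting: escape on output ------------------------
    // Author names and comment bodies are attacker-controlled; escape each
    // value for the context it lands in (attribute vs. element text).
    $out = '';
    foreach ( $rows as $row ) {
        $out .= '<li data-id="' . esc_attr( $row->comment_ID ) . '">'
              . '<strong>' . esc_html( $row->comment_author ) . '</strong>: '
              . esc_html( $row->comment_content )
              . '</li>';
    }
    wp_send_json_success( $out );
}
add_action( 'wp_ajax_example_remix_comments', 'example_remix_recent_comments' );
add_action( 'wp_ajax_nopriv_example_remix_comments', 'example_remix_recent_comments' );

// --- 3. CSRF: nonce on the options form -----------------------------------
// The form embeds a nonce tied to this action; the handler refuses any POST
// that does not carry a valid one, which is the check the advisory says is
// missing from the plugin's options page.
function example_remix_options_page() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }

    if ( isset( $_POST['example_remix_save'] ) ) {
        // Dies with a 403 unless the nonce field is present and valid.
        check_admin_referer( 'example_remix_save_options', 'example_remix_nonce' );

        $title = isset( $_POST['example_remix_title'] )
            ? sanitize_text_field( wp_unslash( $_POST['example_remix_title'] ) )
            : '';
        update_option( 'example_remix_title', $title );
        echo '<div class="updated"><p>Options saved.</p></div>';
    }

    $title = get_option( 'example_remix_title', '' );
    ?>
    <form method="post" action="">
        <?php wp_nonce_field( 'example_remix_save_options', 'example_remix_nonce' ); ?>
        <label>Title
            <input type="text" name="example_remix_title"
                   value="<?php echo esc_attr( $title ); ?>">
        </label>
        <input type="submit" name="example_remix_save"
               class="button-primary" value="Save">
    </form>
    <?php
}
```

When reviewing a plugin for the same classes of issue, the checks are mechanical: every $wpdb query built from request data should go through prepare() with %d/%s placeholders, every echoed value should pass through an esc_* function matching its HTML context, and every admin form that writes options should pair wp_nonce_field() in the markup with check_admin_referer() (or wp_verify_nonce()) in the handler.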
Credit: ChX Security
More Info: The full advisory can be found on the ChX Security website.