menu Home chevron_right
seo

WordPress Gutenberg Template Library Plugin Vulnerability Affects +1 Million Sites

eddygates1 | September 2, 2021


A third party WordPress Gutenberg Template Library plugin with over a million users was discovered to have two vulnerabilities. Successful exploitation of these vulnerabilities could create an indirect path toward a total site takeover.

The WordPress plugin, Gutenberg Template Library & Redux Framework, was discovered by WordPress security company WordFence to be vulnerable to two specific attacks.

Gutenberg Template Library & Redux Framework WordPress Plugin

This plugin is a library of WordPress Gutenberg blocks that allow publishers to easily build websites using the pre-made building “blocks” when creating a website using the Gutenberg interface.

According to the official plugin description:

“Quickly create full pages in WordPress’ Gutenberg

Supercharge the Gutenberg editor with our ever-growing library of WordPress Blocks and templates. Discover what’s possible and implement any design on your website in virtually no time at all.”

Advertisement

Continue Reading Below

WordPress REST-API

One of the vulnerabilities takes advantage of a less secure code interface with the WordPress REST-API. The REST-API is a feature that allows plugins to interface with the CMS and make changes within the website.

The WordPress REST-API developer page describes it like this:

“The WordPress REST API provides an interface for applications to interact with your WordPress site by sending and receiving data as JSON (JavaScript Object Notation) objects.

It is the foundation of the WordPress Block Editor, and can likewise enable your theme, plugin or custom application to present new, powerful interfaces for managing and publishing your site content.

…the most important thing to understand about the API is that it enables the block editor and modern plugin interfaces without compromising the security or privacy of your site.”

Advertisement

Continue Reading Below

Technically, when a plugin interface is securely implemented by  plugin coders, the WordPress REST-API does not present a security issue.

Gutenberg Template Library & Redux Framework Vulnerabilities

There are two vulnerabilities. Neither of these vulnerabilities allow an attacker to take over a website.

However the vulnerabilities do allow the attackers to institute a series of changes that can then lead to a total site takeover.

The first vulnerability allows an attacker with contributor or author level permissions to install any vulnerable plugin that’s in the WordPress repository and from there take advantage of those vulnerabilities to execute an attack.

The second vulnerability is described as an Unauthenticated Sensitive Information Disclosure vulnerability by WordFence.

The word “unauthenticated” means that the attacker does not need to be signed into the WordPress site in order to execute the attack.

This particular vulnerability allowed an attacker to retrieve sensitive information about the WordPress site. This allows the attacker to identify vulnerable plugins that can be exploited.

According to WordFence:

“This $support_hash AJAX action, which was also available to unauthenticated users, called the support_args function in redux-core/inc/classes/class-redux-helpers.php, which returned potentially sensitive information such as the PHP version, active plugins on the site and their versions, and an unsalted md5 hash of the site’s AUTH_KEY and SECURE_AUTH_KEY.

This would be most useful in cases where a separate plugin with an additional vulnerability was installed, as an attacker could use the information to save time and plan an intrusion.”

Advertisement

Continue Reading Below

Users Encouraged to Update their Plugins

WordFence strongly encouraged all users of the plugin to update to at least version 4.2.13 of the Gutenberg Template Library & Redux Framework WordPress plugin.

Citation

Read the WordFence announcement
Over 1 Million Sites Affected by Gutenberg Template Library & Redux Framework Vulnerabilities

 



Written by eddygates1

Comments

This post currently has no comments.

Leave a Reply





MAde in Grenada and Design to Blaze we are Rebel Nation

Newsletter

  • cover play_circle_filled

    01. Tipsy Bar & Gril

  • cover play_circle_filled

    02. Digicel

  • cover play_circle_filled

    01. Communical Credit Union

  • cover play_circle_filled

    01. Digicel

  • cover play_circle_filled

    02.

  • cover play_circle_filled

    Live Podcast 010
    Kenny Bass

  • cover play_circle_filled

    Live Podcast 009
    Paula Richards

  • cover play_circle_filled

    Live Podcast 008
    R. Galvanize

  • cover play_circle_filled

    Live Podcast 007
    Kenny Bass

  • cover play_circle_filled

    Live Podcast 006
    J PierceR

  • cover play_circle_filled

    Live Podcast 005
    Gale Soldier

  • cover play_circle_filled

    Live Podcast 004
    Kelsey Love

  • cover play_circle_filled

    Live Podcast 003
    Rodney Waters

  • cover play_circle_filled

    Live Podcast 002
    Morris Play

  • cover play_circle_filled

    Live Podcast 001
    Baron Fury

play_arrow skip_previous skip_next volume_down
playlist_play