A vulnerability advisory was issued for a WordPress plugin that saves contact type submissions. The flaw permits unauthenticated attackers to delete recordsdata, launch a denial of service assault, or carry out distant code execution. The vulnerability was given a severity score of 9.8 on a scale of 1 to 10, indicating the seriousness of the difficulty.
Database for Contact Kind 7, WPForms, Elementor Types Plugin
The Database for Contact Kind 7, WPForms, Elementor Types, additionally apparently generally known as the Contact Kind Entries Plugin, saves contact type entries into the WordPress database. It permits customers to view contact type submissions, search them, mark them as learn or unread, export them, and carry out different capabilities. The plugin has over 70,000 installations.
The plugin is weak to PHP Object Injection by an unauthenticated attacker, which implies that an attacker doesn’t must log in to the web site to launch the assault.
A PHP object is an information construction in PHP. PHP objects might be was a sequence of characters (serialized) with a view to retailer them after which deserialized (turned again into an object). The flaw that provides rise to this vulnerability is that the plugin permits an unauthenticated attacker to inject an untrusted PHP object.
If the WordPress website additionally has the Contact Kind 7 plugin put in, then it may set off a POP chain throughout deserialization.
In line with the Wordfence advisory:
“This makes it attainable for unauthenticated attackers to inject a PHP Object. The extra presence of a POP chain within the Contact Kind 7 plugin, which is probably going for use alongside, permits attackers to delete arbitrary recordsdata, resulting in a denial of service or distant code execution when the wp-config.php file is deleted.”
All variations of the plugin as much as and together with 1.4.3 are weak. Customers are suggested to replace their plugin to the newest model, which as of this date is model 1.4.5.
Featured Picture by Shutterstock/tavizta
