WordPress Vulnerability Roundup - Q1 2019

March 27, 2019

WordPress is a free, open-source content management system. It powers about 30% of all websites on the internet and 33% of the top 10 million sites globally, and more than 50,000 plugins are available to add features and extend the functionality of WordPress websites. Being the most popular CMS also makes WordPress the most common target: a single exploitable bug reaches more sites than on any other platform.

Since the beginning of 2019, three zero-day vulnerabilities have been discovered in the WordPress plugins Total Donations, Easy WP SMTP and Social Warfare. All three were actively exploited in the wild, and attackers continue to compromise WordPress websites that remain unpatched.

The SonicWall Capture Labs Threat Research Team has analyzed and addressed WordPress Vulnerabilities for Q1 2019. 

WordPress vulnerabilities come from three components: the WordPress core, plugins, and themes.

Fig: Q1 2019 WordPress vulnerability distribution by components

Cross-site scripting (XSS) is at the top of the list. WordPress plugins are prone to XSS because they fail to properly sanitize user-supplied input and to escape it before echoing it into a page.
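The sanitization failure described above, shown as an added example that is not code from this roundup or from any of the plugins it names. The same search shortcode is written twice: the first version reflects `$_GET['q']` unescaped, the second sanitizes on input and escapes on output with the WordPress helpers, and a stored-XSS variant shows the matching settings-page pattern. The function, shortcode, option and action names are hypothetical.

```php
<?php
/**
 * Added example (not SonicWall's code, not any real plugin's code).
 * All function, shortcode, option and hook names below are hypothetical.
 */

// VULNERABLE: reflected XSS. $_GET['q'] lands in the page as raw HTML, so a
// request with ?q=<script>...</script> (or an onerror= attribute that breaks
// out of the value="" quotes) runs in every visitor's browser.
// Registered here only for the side-by-side comparison; never ship this one.
function vuln_search_box( $atts ) {
    $q = isset( $_GET['q'] ) ? $_GET['q'] : '';
    return '<form method="get">'
         . '<input type="text" name="q" value="' . $q . '">'
         . '<button>Search</button></form>'
         . '<p>Results for: ' . $q . '</p>';
}
add_shortcode( 'search_vuln', 'vuln_search_box' );

// HARDENED: sanitize on input, escape on output, picking the escaper by
// context (esc_attr() inside an attribute, esc_html() in element text).
// Escaping is what actually stops XSS; sanitize_text_field() only trims the
// input to the shape the feature expects. wp_unslash() removes the slashes
// WordPress adds to superglobals before the value is sanitized.
function safe_search_box( $atts ) {
    $q = isset( $_GET['q'] ) ? sanitize_text_field( wp_unslash( $_GET['q'] ) ) : '';
    return '<form method="get">'
         . '<input type="text" name="q" value="' . esc_attr( $q ) . '">'
         . '<button>Search</button></form>'
         . '<p>Results for: ' . esc_html( $q ) . '</p>';
}
add_shortcode( 'search_safe', 'safe_search_box' );

// Stored XSS has the same shape: a settings form that saves an option
// without validation and later echoes it. Gate the write with a capability
// check and a nonce, filter before update_option(), and filter again when
// printing so a value written by another path cannot carry a payload.
function safe_save_footer_text() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    check_admin_referer( 'example_footer_save', 'example_footer_nonce' );
    $text = isset( $_POST['footer_text'] ) ? wp_unslash( $_POST['footer_text'] ) : '';
    // wp_kses_post() keeps the HTML subset allowed in post content and strips
    // <script>, on* event handlers and javascript: URLs.
    update_option( 'example_footer_text', wp_kses_post( $text ) );
}
add_action( 'admin_post_example_footer_save', 'safe_save_footer_text' );

function safe_print_footer_text() {
    echo wp_kses_post( get_option( 'example_footer_text', '' ) );
}
add_action( 'wp_footer', 'safe_print_footer_text' );
```

When reviewing a plugin, grep for `echo`, `print` and `?=` that take a value from `$_GET`, `$_POST`, `$_REQUEST` or `get_option()` without an `esc_*()` or `wp_kses*()` call wrapping it; that pattern is the bulk of the XSS findings in this roundup.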

Fig: Q1 2019 WordPress vulnerability distribution by types

Nearly 40 WordPress vulnerabilities were disclosed in the month of March alone. Most of the bugs were in plugins that extend the functionality of WordPress websites.

Fig: Q1 2019 WordPress vulnerability 

The top vulnerable plugins include popular ones: WooCommerce, with 4+ million active installations, followed by WP Google Maps, with 400,000+ active installations.

Fig: Q1 2019 Top Vulnerable WordPress plugins

1. How to fix a WordPress zero-day plugin vulnerability?
Immediately check whether a patch is available. If no patch is available, consider disabling and deleting the plugin that contains the zero-day vulnerability.
2. How to secure WordPress websites?
WordPress has detailed the following security best practices:
3. What to do when my WordPress website is hacked?
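The "disable until patched" step from item 1 above, as an added example that is not SonicWall's code and not part of any plugin named in the roundup. It is a must-use plugin (dropped into wp-content/mu-plugins/, so it loads before regular plugins and cannot be switched off from the dashboard) that keeps a listed plugin deactivated while its installed version is below the version you have confirmed as fixed. The plugin path and the "first safe" version in the table are placeholders to be filled in from the vendor's advisory; the `vpg_` function names are hypothetical.

```php
<?php
/**
 * Plugin Name: Vulnerable Plugin Gate (added example, not SonicWall's code)
 *
 * Place in wp-content/mu-plugins/. Keeps a plugin deactivated until its
 * installed version reaches the first version confirmed as patched.
 */

// plugin main file relative to wp-content/plugins => first version considered safe.
// The entry below is a hypothetical placeholder; take real values from the advisory.
function vpg_minimum_safe_versions() {
    return array(
        'example-vulnerable-plugin/example-vulnerable-plugin.php' => '9.9.9',
    );
}

// version_compare() handles '1.2' vs '1.2.0' and alpha/beta/RC suffixes,
// which a plain string comparison gets wrong.
function vpg_is_vulnerable_version( $installed, $minimum_safe ) {
    return version_compare( $installed, $minimum_safe, '<' );
}

function vpg_enforce() {
    // get_plugin_data(), is_plugin_active() and deactivate_plugins() live in
    // the admin include, which is not loaded on front-end requests.
    if ( ! function_exists( 'get_plugin_data' ) ) {
        require_once ABSPATH . 'wp-admin/includes/plugin.php';
    }
    $blocked = array();
    foreach ( vpg_minimum_safe_versions() as $plugin_file => $min_safe ) {
        $path = WP_PLUGIN_DIR . '/' . $plugin_file;
        if ( ! file_exists( $path ) ) {
            continue; // already deleted: nothing to enforce
        }
        $data = get_plugin_data( $path, false, false );
        if ( is_plugin_active( $plugin_file )
             && vpg_is_vulnerable_version( $data['Version'], $min_safe ) ) {
            deactivate_plugins( $plugin_file );
            $blocked[] = $data['Name'] . ' ' . $data['Version'] . ' (needs ' . $min_safe . '+)';
        }
    }
    if ( $blocked ) {
        add_action( 'admin_notices', function () use ( $blocked ) {
            echo '<div class="notice notice-error"><p>Deactivated until patched: '
               . esc_html( implode( ', ', $blocked ) ) . '</p></div>';
        } );
    }
}

// muplugins_loaded fires before WordPress reads the active_plugins option and
// includes regular plugins, so a vulnerable version is switched off before
// any of its code runs on this request. Hooking plugins_loaded instead would
// leave it executing once more.
add_action( 'muplugins_loaded', 'vpg_enforce' );
```

If the vendor has said no patch is coming, delete the plugin rather than park it: deactivated plugin files still sit under wp-content/plugins and any file in them that can be requested directly is still reachable. From the shell, `wp plugin list --update=available --fields=name,version,update_version` shows what has a pending fix, and `wp plugin deactivate <slug> && wp plugin delete <slug>` removes the rest.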

SonicWall Capture Labs Threat Research team provides protection with the following signatures:

IPS: 14105 WordPress plugin Easy SMTP vulnerability
IPS: 14106 WordPress plugin Social Warfare XSS Vulnerability
IPS: 14005 WordPress Total Donations Plugin Authentication Bypass 1
IPS: 14006 WordPress Total Donations Plugin Authentication Bypass 2
WAF: 1704 WordPress Social Warfare Cross-Site Scripting Vulnerability
WAF: 1703 Easy WP SMTP Unauthenticated Arbitrary wp_options Import
WAF: 1691 WordPress Total Donations Plugin Authentication Bypass