Security Researcher Announces Serious Vulnerability in Popular WordPress Plugin

A security researcher has announced a serious vulnerability in the default configuration of a popular WordPress plugin.

According to Jason Donenfield in this Full Disclosure list, claims the WordPress plugin “W3 Total Cache”, which boasts high-traffic sites like Mashable and Lockergnome among its users, has serious vulnerabilities.

In the default setup, when users simply choose “add plugin” from the WordPress catalogue leaves cache directory listings enabled, according to Donenfield.

He said this allows database cache keys to be downloaded on vulnerable installations and that could expose password hashes. “A simple google search of “inurl:wp-content/plugins/w3tc/dbcache” and maybe some other magic reveals this wasn’t just an issue for me”, he writes.

The search term was later amended by Donenfield to “inurl:wp-content/w3tc”.

“Even with directory listings off,” he continues, “cache files are by default publicly downloadable, and the key values / file name of the database cache items are easily predictable.”

Donenfield says the developer of the plug-in intends to release a fix “soon”. In the meantime, he notes that “deny from all” should be set in the .htaccess file.

Advertisements

2 thoughts on “Security Researcher Announces Serious Vulnerability in Popular WordPress Plugin”

  1. Today, I went to the beach front with my kids.
    I found a sea shell and gave it to my 4 year old daughter and said “You can hear the ocean if you put this to your ear.” She put
    the shell to her ear and screamed. There was a hermit crab inside and it pinched her
    ear. She never wants to go back! LoL I know this is totally
    off topic but I had to tell someone!

    Like

  2. Woah! I’m really digging the template/theme of this blog. It’s simple,
    yet effective. A lot of times it’s very hard to get that “perfect balance” between user friendliness and visual appeal. I must say that you’ve
    done a excellent job with this. Additionally, the
    blog loads very quick for me on Opera. Outstanding Blog!

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s