Connect with us

NEWS

WordPress Template Plugin Vulnerability Hits +1 Million Sites via @sejournal, @martinibuster

Published

on

wordpress vulnerability 619125762df52 sej

Starter Templates — Elementor, Gutenberg & Beaver Builder Templates plugin by the publishers of the Astra WordPress theme contains a vulnerability affecting over a million websites. The exploit allows an attacker to upload malicious scripts, stage a total site takeover and attack visitors to the vulnerable website.

Starter Templates — Elementor, Gutenberg & Beaver Builder Templates

The Starter Templates plugin is published by Brainstorm Force, the makers of the wildly popular Astra WordPress theme. The plugin allows users to use over 280 WordPress templates that help speed up website development.

The templates are made to be compatible with Elementor, Gutenberg, Brizy and Beaver Builder, as well as with the Astra theme.

Advertisement

Continue Reading Below

The plugin is installed in over one million websites.

Stored Cross Site Scripting (XSS) Vulnerability

The Starter Templates plugin by Brainstorm Force was discovered by security researchers at Wordfence to contain a type of vulnerability that allows an attacker to upload a malicious script that is in turn stored on the website itself.

Advertisement

A Stored XSS vulnerability is particularly troublesome because the uploaded script is stored on the server of the attacked site itself.

The non-profit Open Web Application Security Project (OWASP) describes the seriousness of this kind of XSS vulnerability on their website:

“Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc.

The victim then retrieves the malicious script from the server when it requests the stored information.”

Advertisement

Continue Reading Below

Website Takeover and Attacks on Site Visitors

The vulnerability could lead to a total site takeover as well as use the vulnerable website to launch attacks on all site visitors.

Advertisement

According to the report by Wordfence:

“An attacker could craft and host a block containing malicious JavaScript on a server they controlled, and then use it to overwrite any post or page…

Any post or page that had been built with Elementor, including published pages, could be overwritten by the imported block, and the malicious JavaScript in the imported block would then be executed in the browser of any visitors to that page.

This could be used to redirect site visitors to malicious websites, or hijack an administrator’s session in order to create a new malicious administrator or add a backdoor to the site, leading to site takeover.”

Starter Templates Plugin Fixed

The publishers of the Starter Templates plugin were notified by Wordfence of the vulnerability and they promptly patched the plugin in version 2.7.1.

The public changelog for the Starter Templates plugin accurately records the patch:

v2.7.1 – 7-October-2021
– Security Improvement: Validate the site URL before processing the import request.
– Security Improvement: Updated right file upload permission before importing images.

An honest changelog like the one published by Brainstorm Force is a sign of a quality publisher and it’s great to see them being open about closing security issues.

Advertisement

Wordfence Advises that Publishers Update Their Plugin

Wordfence recommends that all publishers using this plugin update to the very latest version of the plugin is 2.7.5 because this newest version also contains important bug fixes.

Advertisement

Continue Reading Below

Citation

Read the Wordfence Report On The Starter Template Vulnerability

Over 1 Million Sites Impacted by Vulnerability in Starter Templates Plugin

Searchenginejournal.com

Advertisement
Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address