Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday.
Available for more than a decade, the plugin provides users with a broad range of gallery management capabilities, such as batch upload of photos, metadata import, thumbnail editing, photo and gallery management, and more.
In December 2020, security researchers with Defiant’s Wordfence team discovered two cross-site request forgery (CSRF) vulnerabilities in the popular plugin, the most severe of which could lead to remote code execution (RCE) and stored cross-site scripting (XSS).
“Exploitation of these vulnerabilities could lead to a site takeover, malicious redirects, spam injection, phishing, and much more,” the security researchers say.
Tracked as CVE-2020-35942, the first of these issues features a CVSS score of 9.6 and affects one of the plugin’s security functions, is_authorized_request.
Because NextGEN Gallery supports the upload of custom CSS files, the vulnerability allowed files with double extensions, such as .php.css, to be uploaded and, on certain server configurations, executed remotely. Code execution was also possible on configurations not vulnerable to double extensions, because of a “Legacy Templates” feature.
An attacker able to execute code remotely on a vulnerable website would be able to essentially take over the site. A similar result can be achieved via XSS, if a logged-in administrator visits a malicious page (which would likely require social engineering tactics).
Tracked as CVE-2020-35943, the second vulnerability is considered high severity (CVSS score of 8.8) and resides in the validate_ajax_request security function that was implemented for various AJAX actions. A logic flaw in the function would result in requests being processed if a specific parameter was missing.
“This made it possible to trick an administrator into submitting a request crafted to upload an arbitrary image file. While the uploaded file had to be a valid image file, it is possible to hide a webshell or other executable PHP code within such an image file,” Wordfence explains.
By setting the image file as Legacy Template, an attacker could combine the flaw with the previously described vulnerability and abuse it for code execution. However, the attacker would have to convince an administrator to click on a link resulting in these requests being sent.
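The two weaknesses described above (a request validator that only checks its nonce when one is present, and an upload path that keeps a client-supplied double extension) are common enough to be worth seeing side by side. The following is an added illustration written for this article, not code from Wordfence, Imagely or the NextGEN Gallery plugin; the plugin is PHP, and this is a self-contained Python model in which every name (`validate_ajax_request_flawed`, `validate_ajax_request_fixed`, `safe_stored_name`, the `Request` type and the demo secret) is hypothetical.

```python
"""Defender's model of two CSRF-related weaknesses: a fail-open nonce check
and a double-extension upload name. All names and values are constructed."""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed secret for the demo; a real site derives nonces from its own salts.
SITE_SECRET = b"constructed-demo-secret"


def make_nonce(action: str, user_id: int) -> str:
    """Per-action, per-user token that a forged cross-site request cannot know."""
    msg = f"{action}:{user_id}".encode()
    return hmac.new(SITE_SECRET, msg, hashlib.sha256).hexdigest()[:16]


def verify_nonce(nonce: str, action: str, user_id: int) -> bool:
    return hmac.compare_digest(nonce, make_nonce(action, user_id))


@dataclass
class Request:
    """What the server sees: request parameters plus the cookie-derived session."""
    params: dict
    user_id: int = 0
    caps: set = field(default_factory=set)


def validate_ajax_request_flawed(req: Request, action: str) -> bool:
    """Logic-flaw pattern: the nonce is only verified when it is present.

    A cross-site request made by a logged-in administrator's browser carries
    their cookies (so the capability check passes) but no nonce, and is
    therefore accepted.
    """
    nonce = req.params.get("nonce")
    if nonce is not None and not verify_nonce(nonce, action, req.user_id):
        return False
    return "manage_options" in req.caps


def validate_ajax_request_fixed(req: Request, action: str) -> bool:
    """Fail closed: a missing or malformed nonce is treated like a wrong one."""
    nonce = req.params.get("nonce")
    if not isinstance(nonce, str) or not verify_nonce(nonce, action, req.user_id):
        return False
    return "manage_options" in req.caps


# Allowlist mapping the accepted client extension to the extension stored on disk.
ALLOWED_UPLOAD_EXT = {"css": "css", "jpg": "jpg", "jpeg": "jpg", "png": "png", "gif": "gif"}


def safe_stored_name(original_name: str) -> Optional[str]:
    """Derive the on-disk name from an allowlisted final extension only.

    The client-supplied name is discarded entirely, so an upload named
    'shell.php.css' is stored under a random name with exactly one
    extension and no '.php' component for a multi-extension handler to
    act on. Returns None when the final extension is not allowed.
    """
    base = os.path.basename(original_name).lower()
    parts = base.split(".")
    if len(parts) < 2 or not parts[0]:
        return None
    ext = ALLOWED_UPLOAD_EXT.get(parts[-1])
    if ext is None:
        return None
    return f"{secrets.token_hex(8)}.{ext}"


if __name__ == "__main__":
    # Constructed scenario: an administrator's browser is made to send a
    # request without a nonce.
    forged = Request(params={}, user_id=1, caps={"manage_options"})
    print("flawed accepts forged request:", validate_ajax_request_flawed(forged, "upload"))
    print("fixed accepts forged request: ", validate_ajax_request_fixed(forged, "upload"))
    print("stored name for shell.php.css:", safe_stored_name("shell.php.css"))
```

Renaming uploads closes only the double-extension route; the Legacy Templates path in the article shows why an upload directory must also never be treated as a source of templates or included as PHP, regardless of whether the file passes an image-format check.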
Wordfence reported these vulnerabilities to the plugin’s publisher, Imagely, on December 14, 2020, and a patched version of the plugin was published three days later. Site admins should make sure they are running NextGEN Gallery version 3.5.0 or later, to be protected.
Author: Ionut Arghire is an international correspondent for SecurityWeek.
Customize Your Entire Site With New Block Themes – WordPress.com News
Don’t worry if you’re just hearing about Full Site Editing for the first time. We’ve been releasing these new tools in a way that doesn’t actually require you to do anything with your existing site(s). If you are up for a change though, we’re happy to announce the launch of a brand new family of themes made specifically with Full Site Editing features in mind. As of this writing we have over two dozen themes available that support Full Site Editing.
These new themes have been designed with a wide variety of site use cases in mind, but their potential stretches well beyond their screenshots and demo sites. Because each theme is fully editable in the Site Editor, every one of them can be heavily customized to fit your site’s needs. You can start with a theme that features a single minimalist homepage and then add as many menus and sidebars as you wish. Or you can start with a complex business theme and strip it down to something minimal to suit your vision.
The Site Editor also includes a new feature called “Global Styles,” which allows you to edit site-wide settings for color, typography, and more. You’re free to change your theme’s default color scheme to whatever fits your mood, or even make all site text larger or smaller in a couple of clicks. To kick off this new feature, we’re also providing a few pre-built variations on some of these new themes.
All the new themes and variations can be found in the Theme Showcase. Or, if you’re starting a fresh site, they’ll be offered to you automatically in the site creation flow. This collection of themes is just the beginning, and we’re excited to continue launching a variety of diverse theme options for you. What would you like to see in the next set of themes on WordPress.com?