To address a high-severity vulnerability, the "Real-Time Find and Replace" WordPress plugin was recently updated to prevent attackers from exploiting it to inject code into sites.
The plugin, which is open source and has more than 100,000 installations, lets WordPress site administrators dynamically replace HTML content from themes and other plugins with content of their own choosing before the page is served to visitors.
The vulnerability, a Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS), could have allowed an attacker to inject malicious JavaScript into a target site, but only by tricking an administrator into performing a specific action, such as clicking a link.
The core of the plugin's functionality for adding find-and-replace rules lives in the function far_options_page, which did not verify the source of a request because it did not use nonce verification, WordPress security company Defiant discovered.
By replacing an HTML tag such as <head> with malicious JavaScript, an attacker could ensure that their code executed on almost every page of the targeted site. Using the injected code, the attacker could create a new administrative account, steal session cookies, or redirect visitors to a malicious site.
Defiant reported the vulnerability to the plugin's developer on April 22, and the security flaw was addressed the same day.
The security company Defiant says, "Any attacker capable of tricking a site owner into executing an unwanted action could replace any content or HTML on a vulnerable site with new content or malicious code. This replacement code or content would then execute anytime a user navigated to a page that contained the original content."
"In the most up to date version, a nonce has been added along with a check_admin_referer nonce verification function to ensure the legitimacy of the source of a request," Defiant explained further.
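The pattern Defiant describes, as an added illustrative example rather than the plugin's own code: a settings-page handler that saves rules on any POST (the weak form), beside one that embeds a nonce in the form and checks it with check_admin_referer before writing anything. The far_example_* names, the option key and the form fields are assumptions for illustration.

```php
<?php
// Added example (not the plugin's code): a WordPress options-page handler
// with the missing-nonce pattern, and the same handler hardened.
// Function and option names (far_example_*) are placeholders.

// WEAK: accepts any POST that reaches it. A logged-in administrator who is
// lured into submitting a form hosted elsewhere has the rule saved for them,
// because nothing proves the request came from this settings page (CSRF).
function far_example_options_page_weak() {
    if ( isset( $_POST['find'], $_POST['replace'] ) ) {
        update_option( 'far_example_rules', array(
            'find'    => wp_unslash( $_POST['find'] ),
            'replace' => wp_unslash( $_POST['replace'] ),
        ) );
    }
}

// HARDENED: the form carries a nonce bound to the action name, and the
// handler refuses to write unless that nonce verifies. check_admin_referer()
// stops execution with an error page on failure, so no option is updated.
function far_example_options_page_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    if ( isset( $_POST['find'], $_POST['replace'] ) ) {
        // Verifies the 'far_example_save' nonce sent in the '_wpnonce' field.
        check_admin_referer( 'far_example_save' );
        update_option( 'far_example_rules', array(
            'find'    => sanitize_text_field( wp_unslash( $_POST['find'] ) ),
            // The replacement is intentionally raw HTML (that is the feature),
            // so the nonce check is what keeps this write administrator-initiated.
            'replace' => wp_unslash( $_POST['replace'] ),
        ) );
    }
    ?>
    <form method="post">
        <?php wp_nonce_field( 'far_example_save' ); ?>
        <input type="text" name="find" />
        <textarea name="replace"></textarea>
        <?php submit_button( 'Save rule' ); ?>
    </form>
    <?php
}
```

A forged request from another origin cannot carry a valid nonce for the victim's session, so the hardened handler dies before update_option runs.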
Version 4.0.2 or newer of the Real-Time Find and Replace plugin includes a patch for the bug, and users are advised to update the plugin as soon as possible to ensure their WordPress websites are protected.