Expert commentary: Google WordPress plugin bug could be exploited for black hat SEO

According to a report by Bleeping Computer, a dangerous bug has been found in Google’s official WordPress plugin, Site Kit, which has more than 300,000 active installations. The flaw stems from the plugin exposing the proxySetupURL in the HTML source of admin pages; with it, an attacker can become a verified owner of the site in Google Search Console. Compounding this, “the verification request used to verify a site’s ownership was a registered admin action” with no capability checks, so the request can be triggered by any authenticated WordPress user, not just administrators.
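The root cause the report describes, an admin action registered without a capability check, is a general WordPress bug class. The following is an added illustration, not Site Kit’s own code: a hypothetical plugin hook (`example_verify_ownership`, the option name `example_proxy_setup_url` and the helper functions are all invented for this example) shown first in the vulnerable form and then hardened with a capability check, a nonce, and by keeping the sensitive URL out of pages rendered for low-privilege users.

```php
<?php
// Added example, not code from Site Kit or the Bleeping Computer report.
// The hook name, option name and helper functions are hypothetical.

/**
 * Sends the ownership-verification request to the (hypothetical) proxy.
 * Both handlers below call this; the difference is who may reach them.
 */
function example_send_verification_request( $proxy_setup_url ) {
    return wp_remote_post(
        $proxy_setup_url,
        array(
            'timeout' => 10,
            'body'    => array( 'site_url' => home_url() ),
        )
    );
}

// VULNERABLE pattern: admin_action_{name} fires for any logged-in user who
// requests wp-admin/admin.php?action=example_verify_ownership. Nothing here
// checks capabilities or a nonce, so a subscriber can trigger verification.
add_action( 'admin_action_example_verify_ownership', 'example_verify_ownership_insecure' );
function example_verify_ownership_insecure() {
    example_send_verification_request( get_option( 'example_proxy_setup_url' ) );
    wp_safe_redirect( admin_url( 'admin.php?page=example&verified=1' ) );
    exit;
}

// HARDENED pattern: require a site-administration capability, require a
// nonce bound to this action, and fail closed with a 403 otherwise.
add_action( 'admin_action_example_verify_ownership_secure', 'example_verify_ownership_secure' );
function example_verify_ownership_secure() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // Dies with a 403 if the _wpnonce parameter is missing or invalid.
    check_admin_referer( 'example_verify_ownership_secure' );

    example_send_verification_request( get_option( 'example_proxy_setup_url' ) );
    wp_safe_redirect( admin_url( 'admin.php?page=example&verified=1' ) );
    exit;
}

// The secret URL should only ever reach pages an administrator renders.
// Gate the script data on the same capability instead of emitting it on
// every admin page for every authenticated role.
add_action( 'admin_enqueue_scripts', 'example_enqueue_admin_data' );
function example_enqueue_admin_data( $hook_suffix ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return; // low-privilege users never see proxySetupURL in page source
    }
    wp_enqueue_script( 'example-admin', plugins_url( 'admin.js', __FILE__ ), array(), '1.0', true );
    wp_localize_script(
        'example-admin',
        'exampleData',
        array(
            'proxySetupURL' => get_option( 'example_proxy_setup_url' ),
            'verifyURL'     => wp_nonce_url(
                admin_url( 'admin.php?action=example_verify_ownership_secure' ),
                'example_verify_ownership_secure'
            ),
        )
    );
}
```

When reviewing a plugin for this bug class, look at every `admin_action_*`, `admin_post_*` and `wp_ajax_*` callback and confirm that each one performs its own `current_user_can()` check and nonce verification; registering a hook under the admin namespace does not restrict who can call it.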


Experts Comments

May 15, 2020
Martin Jartelius
CSO
Outpost24
It should be noted that this vulnerability does require attackers to have a non-admin account on the site, and that the “critical” rating is a result of the researchers gauging this as a complete loss of confidentiality. Taking a more modest perspective on that, as while sensitive this is in no way a complete loss of confidentiality, this is a medium-level risk. Of course, it should be patched at the soonest possible opportunity, but for many installations it is not exploitable, and for those where it is, the impact is bad but far from disastrous.
