Tag: Cross-Site Scripting (XSS) (Page 1 of 2)

SiteLock Website Security

Identifying Common Types of Cyberattacks

Is your website behaving strangely? Have you noticed it’s taking a long time to load, or that there are new pages, lines of code, or files on your site you didn’t create? Or perhaps you’ve seen a drastic decrease in site traffic, or you suddenly can’t log in as an admin? These are just a few visible signs that your site might be experiencing a cyberattack.

Of course, just because you’re not experiencing any of these symptoms doesn’t mean your website is secure. In fact, it’s possible for attacks and infections on your website to go undetected for years. To help ensure your site isn’t a target for cyberattacks, you need to know what you’re dealing with. In this blog, we’ll discuss what cyberattacks are, the most common types of attacks your website is likely to face, and most importantly, how you can prevent them.


Three Common Cybersecurity Threats Small Businesses Should Be Worried About

As a small business, you’re likely concerned with drawing traffic and visitors to your site – but you may be attracting the wrong kind of attention. Cybercriminals are constantly targeting websites, and yours may be one of them. No matter how small your business is, you’re not too small to be hacked. In fact, 50% of small businesses in the US have been breached. Big or small, the average site is attacked 50 times per day, and improper security measures can increase your risk.

The evolving world of cybercrime can be complicated, and at the end of the day, you just want what’s best for your business. While you don’t need to be a cybersecurity expert to successfully protect your business, it’s beneficial to understand the ways cybercriminals seek to threaten your livelihood. You can start by learning about the three common cybersecurity threats that all small business owners should be prepared for: malware, vulnerabilities, and DDoS attacks.


Joomla! Releases 3.8.9 Including Security Updates

The newest version of Joomla!, version 3.8.9, was released on June 26, 2018. This version addresses two minor security vulnerabilities and several other bugs which caused errors in the application’s core.


Joomla! Releases Security Update in Version 3.8.8

Joomla! recently released version 3.8.8 which included nine security updates addressing various vulnerabilities as well as over 50 other bug fixes. Many of the security vulnerabilities impacted all versions of Joomla! from version 2.5.0 through 3.8.7, making application updates important to protecting sites using the open source platform.

Among the vulnerabilities are three cross-site scripting (XSS) vulnerabilities that impact different parts of the core Joomla! application. In addition to the low and moderate XSS vulnerabilities, there are six other low priority security issues addressed in the new version. These include addressing possibly vulnerable access to website data and field filtering for Joomla! components.


Threat Intercept: SiteLock Discovers XSS Vulnerability in WooCommerce Extension

This article was co-authored by Product Evangelist Logan Kipp.

THREAT SUMMARY

Low Threat

Category: XSS – Reflected

Trend Identified: 7/25/2017

CVE ID: N/A

Threat Name: N/A

Vector: Browser/Javascript

The threat rating was determined using the following metrics:

Complexity:

MEDIUM: While initial exploitation is low complexity, weaponization requires action from the victim.

Confidentiality Impact:

MEDIUM: Successful exploitation of this vulnerability could potentially hijack individual browser sessions.

Integrity Impact:

MEDIUM: Successful exploitation of this vulnerability could potentially hijack individual browser sessions.

What is it?

SiteLock recently found a reflected cross-site scripting (XSS) vulnerability in the WooCommerce “Product Vendors” plugin for WordPress. Reflected XSS vulnerabilities differ from persistent XSS in that each attack is completed within a single session, rather than permanently modifying the impacted site. According to the Open Web Application Security Project (http://www.owasp.org):

The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site.

 

Who is impacted?

Websites running the WooCommerce “Product Vendors” plugin versions 2.0.35 and older are vulnerable to this exploit. Fortunately, Automattic (WooCommerce’s parent company) patched the vulnerability almost immediately after being contacted by SiteLock. Unfortunately, many site owners do not update their plugins frequently, or at all. If you use Product Vendors for WooCommerce, make sure that you are running the most recent version (v2.0.38 at the time of writing).

 

How was it found?

Our automated scanner alerted us to an XSS vulnerability on a customer’s website, which we determined was due to the WooCommerce “Product Vendors” plugin. What was unusual in this case is that the vulnerable plugin was, at the time, the most recent version, so no patches were yet available for the vulnerability. We immediately contacted Automattic concerning our findings in accordance with our Responsible Disclosure Policy, provided all relevant information on the vulnerability, and coordinated this disclosure.

 

Remediation Steps

The simplest way to fix this vulnerability is to update the plugin to the newest version, which was patched less than a week after the vulnerability was reported. Fortunately for SiteLock TrueShield customers, emergency policy updates were pushed to protect against this vulnerability as soon as it was discovered. However, we still recommend updating WooCommerce Product Vendors to the latest version.

 

Technical details

Overview

WooCommerce Product Vendors is a WordPress plugin which allows eCommerce sites to create a marketplace with multiple vendors, taking commissions from each vendor’s sales. The XSS vulnerability was found in the Vendor Signup form, which can be placed anywhere on the site.

 

Cause

This version of the plugin has a reflected XSS vulnerability because the $_POST parameter for vendor_description, which allows vendors to insert a description of their company, is not properly escaped, allowing arbitrary JavaScript to be executed in a visitor’s browser.

 

Reproduction Steps

In this case, the issue was reproduced using the below cURL request, and verified when the output showed the unaltered script.

Exploitability

$_POST parameter XSS vulnerabilities are often underestimated because it’s not possible to exploit them by directly sending a victim to the vulnerable URL. This difficulty is easily circumvented by first directing the victim to an attacker-controlled form that uses JavaScript to submit itself. As $_POST parameters are not directly visible in the URL, this also hides any suspicious parameters that would appear in a $_GET exploit. Additionally, as $_POST requests do not have the same character limit as $_GET requests, a larger payload can be delivered.

Note: It is also possible to craft a data:// URL that includes a self-submitting form, negating the need for the attacker to control another site. However, many browsers impose a length limit on data URLs, and data URLs are unusual enough to elicit suspicion in a potential victim.

 

Impact

As with all reflected XSS vulnerabilities, the impact depends on the ingenuity of the attacker. Reflected XSS allows an attacker to take control of the victim’s browser for as long as the tab is open on the vulnerable site, and victims are far more likely to leave a tab open on a site that appears to be legitimate. Stealing credentials, hijacking sessions, or exfiltrating payment information entered on the vulnerable site may also be possible, depending on the site’s configuration and the security measures in place.

 

Remediation

If updating to the latest version is not possible, this vulnerability can also be patched by escaping the $_POST['vendor_description'] parameter on line 61 of wp-content/plugins/woocommerce-product-vendors/templates/shortcode-registration-form.php using the esc_attr() WordPress function.
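The fix described above, sketched as an added example (not the plugin's own code, which this page does not show). The function names and the form markup are hypothetical, and a stand-in esc_attr() is defined so the file runs outside WordPress.

```php
<?php
// Added illustration, not the Product Vendors source. Function names and the
// form markup are hypothetical; only vendor_description and esc_attr() come
// from the article.

// Stand-in so this file runs outside WordPress; inside WordPress the core
// esc_attr() is already defined and this branch is skipped.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}

// Before: the submitted description is echoed back into the form as-is, so a
// double quote in the value ends the attribute and the rest is parsed as HTML.
function render_field_unescaped(array $post): string {
    $value = $post['vendor_description'] ?? '';
    return '<input type="text" name="vendor_description" value="' . $value . '">';
}

// After: the value is escaped for attribute context before output.
function render_field_escaped(array $post): string {
    $value = $post['vendor_description'] ?? '';
    if (!is_string($value)) {
        $value = ''; // vendor_description[]=... arrives as an array; drop it
    }
    return '<input type="text" name="vendor_description" value="' . esc_attr($value) . '">';
}

// Constructed sample input: harmless markup that breaks out of the attribute.
$post = ['vendor_description' => 'Acme "Tools"><b>injected</b>'];

echo "unescaped: ", render_field_unescaped($post), PHP_EOL;
echo "escaped:   ", render_field_escaped($post), PHP_EOL;

// Regression check: the escaped field must not contain the raw tag.
$safe = strpos(render_field_escaped($post), '<b>') === false;
echo $safe ? "OK: markup neutralised" : "FAIL: markup reflected", PHP_EOL;
```

esc_attr() is the right escaper for an attribute value; WordPress also provides esc_textarea() and esc_html() for values written into a textarea body or ordinary HTML text.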

 


Web Development and Cybersecurity – Are You Protecting Your Clients?

Cybersecurity continues to be an evolving challenge for website designers and developers. Every day, hackers create new malware strains and perform sophisticated attacks that can devastate client websites.

SiteLock is promoting Cybersecurity Awareness Month and as a web designer or developer, it is imperative that you understand your role in the security of your clients’ websites. Many people assume that you are handling every aspect of the site, including its protection. Because of this, you must take action and understand how to provide that security.


What is Cross-Site Request Forgery (CSRF)?

More often than not, when people think of a hacker, they think of someone technologically infiltrating a network and stealing mass amounts of sensitive information sitting behind it. In actuality, hackers tend to employ methods that take advantage of individual users, often in tandem with some form of social engineering.


How Hackers Compromise Your Website

Cybercriminals are unpredictable. They’ll surprise you by sneaking into your website, executing attacks and harming your data and business. You can think of it like a baseball game in which the hacker is trying to make it to the next base without getting called out. Secure all your bases by learning a little about how hackers attack your website.


Patch for Core WordPress XSS Flaw for Versions 4.5 and Below to Be Released

Yesterday on Twitter, Dr.-Ing. Mario Heiderich of security firm Cure53 announced an unauthenticated cross-site scripting flaw in WordPress version 4.5, the current version as of the announcement, and below.


Cross-site scripting, or XSS, flaws are vulnerabilities in a website’s code where malicious actors can execute, or trick visitors or administrators into executing, malicious code in a visitor’s browser.


SiteLock Research Team Uncovers WordPress Plugin Vulnerability

The SiteLock Research Team will have many firsts as it develops. This week we’ll discuss the first reported and patched vulnerability the team found, a minor cross-site scripting vulnerability in Testimonial Slider.

The team has been working on putting together a new vulnerability research process. During the creation of this process, we tested a not-so-randomly chosen WordPress plugin, Testimonial Slider. We chose Testimonial Slider for no other reason than it was a slider plugin, after the recent Revolution Slider exploit.

What Does Testimonial Slider Do?

Testimonial Slider, developed by SliderVilla.com, displays customer testimonials in a responsive slider and has over 10,000 installs. We analyzed version 1.2.1 using SiteLock TrueCode and manual analysis.
