Monday, June 21st, 2021
Smarttech247 Researcher Discovers Zero-Day Vulnerability in WordPress Plugin
Smarttech247 Offensive Security Senior Researcher Rafal Goryl discovered an A1-class SQL injection vulnerability in the GeoDirectory Location Manager plugin for WordPress, affecting over 10,000 businesses globally that have installed this plugin.
A zero-day vulnerability is a software security bug that has been publicly disclosed but not yet patched by the vendor. Such a vulnerability may also be actively exploited in the wild or have publicly available proof-of-concept exploits, and is easily exploited by threat actors.
This kind of vulnerability poses major security risks, leaving your networks and devices vulnerable to zero-day attacks, which can lead to potential damage to your systems, data and private information.
While conducting our research, one of the actively tested endpoints gained our attention, returning interesting results. For example, it was possible to delay the application's response by a time specified in a single parameter, most likely through SQL injection. Source code analysis confirmed our assumptions, and we have prepared PoC exploit code.
You will find the official CVE submitted by the Smarttech247 team and the PoC here: https://wpscan.com/vulnerability/5aff50fc-ac96-4076-a07c-bb145ae37025
When you hear about a new zero-day vulnerability like this in WordPress, you need to take it very seriously and pay careful attention. Immediately check whether a fix is available. If not, we would urge you to disable and uninstall the plugin for the time being and wait until a patched release is available.
You can also contact the vendor and ask them when a fix will be released. Once you’ve done that, keep a close eye on vendor announcements so that as soon as a fix for the zero-day is released, you can apply it and know that your website is secure again.
If you require further information about this vulnerability, please reach out to us.