Question 1

What exactly is the vulnerability in WP Customer Reviews?

Accepted Answer

What exactly is the vulnerability in WP Customer Reviews?

The vulnerability, discovered by researcher Marco Wotschka, is a missing authorization issue affecting versions up to and including 3.6.8 of WP Customer Reviews. Specifically, the ajax_enabled_posts function allows authenticated users, even just subscribers, to access and extract sensitive information. This includes unpublished post titles, slugs, and details about protected or trashed content. By exposing non-public data, the vulnerability enables privilege escalation, information disclosure, and further potential attacks.

Question 2

How serious is this vulnerability?

Accepted Answer

How serious is this vulnerability?

With a CVSS severity score of 4.3 out of 10, this vulnerability is considered medium risk. However, it still poses a substantial threat given the wide user base of the plugin. Tens of thousands of WordPress sites are impacted, so the vulnerability could lead to widespread comment spam, phishing campaigns, malware distribution, SEO sabotage, and other attacks leveraging extracted information. Hackers could scrape customer email addresses for spam, publish unreleased content, and more.

Question 3

I use WP Customer Reviews. What should I do?

Accepted Answer

I use WP Customer Reviews. What should I do?

Since no official patch is available yet, you should strongly consider deactivating or uninstalling WP Customer Reviews for the time being. While inconvenient, this is the only way to fully eliminate the information disclosure risk. You can use alternate plugins like Yotpo or WP Reviews in the interim. Be sure to monitor the WP Customer Reviews changelog and reactivate when the developer releases a fixed version.

Question 4

How can I tell if my site was compromised?

Accepted Answer

How can I tell if my site was compromised?

Carefully review your content, logs, and user activity for any unauthorized changes or access. Signs of compromise could include new users or posts, modified/deleted content, spammy comments, changes to SEO titles/meta, and sudden traffic spikes. You may need to restore from a recent backup if significant alterations occurred. Run a security plugin scan for backdoors or malware.

Question 5

Are other plugins affected?

Accepted Answer

Are other plugins affected?

This specific vulnerability only impacts WP Customer Reviews. However, vulnerabilities are discovered frequently in WordPress plugins. Being diligent about updates for all plugins is critical, as flawed plugins become easy vectors for attacks. Limit plugins to those absolutely necessary, maintain strong permissions, and enable update notifications.

Question 6

Why wasn’t this caught sooner?

Accepted Answer

Why wasn’t this caught sooner?

While concerning, it is not entirely surprising for vulnerabilities to be missed during development and only discovered later. The key is the vendor response once notified - in this case, the developers have not yet issued a patch. Public disclosure pressures them to fix the flaw. Proper auditing and bug bounties would improve initial security.

Question 7

Is WordPress itself safe?

Accepted Answer

Is WordPress itself safe?

In general, the WordPress core is secure when kept updated. The larger risks come from themes, plugins, weak passwords, and poor configurations. So while WordPress itself has a strong track record, you must be vigilant about the whole site’s security - not just the content management system.

Question 8

What about my hosted WordPress site?

Accepted Answer

What about my hosted WordPress site?

Shared hosting platforms may automatically update WordPress itself. But you are still responsible for managing plugins, themes, and security settings. Do not rely on the host alone. Take ownership of the full site’s security, backup regularly, and control access. The host likely will not monitor or address plugin flaws.

Question 9

Are plugin vulnerabilities happening more often?

Accepted Answer

Are plugin vulnerabilities happening more often?

Due to WordPress' popularity, plugins have become a prime target. Flaws are disclosed more frequently, but the raw number remains small compared to plugins available. With proper vetting and limiting plugins, the risk stays manageable. Automated security scans help spot issues early.

Question 10

How can I stay on top of WordPress security?

Accepted Answer

How can I stay on top of WordPress security?

Subscribe to plugin update notifications, official WordPress security notices, and community sites detailing new threats. Test updates quickly when available. Limit, vet and monitor all plugins. Use automated vulnerability scanners. Backup frequently. And enable two-factor authentication for all user accounts on your site.

WP Customer Reviews

WordPress Plugin Vulnerability Report – WP Customer Reviews – Authenticated (Subscriber+) Sensitive Information Exposure – CVE-2023-4686

Recent Blog Posts

LiteSpeed Cache Vulnerability – Unauthenticated Sensitive Information Exposure via Log Files – CVE-2024-44000 | WordPress Plugin Vulnerability Report

Elementor Addon Elements Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Parameters – CVE-2024-4401, CVE-2024-7122 | WordPress Plugin Vulnerability Report

The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Vulnerability – Authenticated (Contributor+) Information Disclosure – CVE-2024-7418 | WordPress Plugin Vulnerability Report

Additional Resources

About Your WP Guy