WordPress Plugin Vulnerability Report – Ad Inserter – Unauthenticated Sensitive Information Exposure – CVE-2023-4668, CVE-2023-4645
Plugin Name: Ad Inserter
Key Information:
- Software Type: Plugin
- Software Slug: ad-inserter
- Software Status: Active
- Software Author: Spacetime
- Software Downloads: 13,908,300
- Active Installs: 300,000
- Last Updated: September 22, 2023
- Patched Versions: 2.7.31
- Affected Versions: 2.7.30
Vulnerability Details:
- Name: Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai-debug-processing-fe
- Type: Missing Authorization
- CVE: CVE-2023-4668
- CVSS Score: 5.3 (Medium)
- Publicly Published: September 22, 2023
- Researcher: Marco Wotschka
- Description: This vulnerability allows unauthenticated attackers, via the ai-debug-processing-fe URL parameter, to extract sensitive data including installed plugins (present and active), the active theme, various plugin settings, the WordPress version, and some server settings such as the memory limit and installation paths.
- Name: Ad Inserter <= 2.7.30 - Unauthenticated Sensitive Information Exposure via ai_ajax
- Type: Missing Authorization
- CVE: CVE-2023-4645
- CVSS Score: 5.3 (Medium)
- Publicly Published: September 22, 2023
- Researcher: Marco Wotschka
- Description: This vulnerability enables unauthenticated attackers to extract sensitive data such as post titles and slugs (including those of password-protected posts, along with their passwords), usernames, available roles, and, provided the remote debugging option is enabled, the plugin license key.
Summary:
The Ad Inserter plugin for WordPress has vulnerabilities in version 2.7.30 that expose sensitive information to unauthenticated attackers. These vulnerabilities have been patched in version 2.7.31.
Detailed Overview:
Discovered by Marco Wotschka, these vulnerabilities, located in the ai-debug-processing-fe URL parameter and the ai_ajax function, expose sensitive data such as installed plugins, the active theme, the WordPress version, server settings, post titles and slugs, usernames, and available roles. The exposure of such information can lead to further exploitation of the affected sites. The plugin developers promptly released a patch addressing these vulnerabilities in version 2.7.31.
Advice for Users:
- Immediate Action: Users are encouraged to update to the patched version 2.7.31 immediately to protect their sites.
- Check for Signs of Vulnerability: Monitor user activity, check server logs, and review site content for any unauthorized changes or access.
- Alternate Plugins: While a patch is available, users might consider plugins that offer similar functionality as a precaution.
- Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities.
Conclusion:
The prompt response from the Ad Inserter plugin developers to patch these vulnerabilities underscores the importance of timely updates. Users are advised to ensure that they are running version 2.7.31 or later to secure their WordPress installations.
References:
- Wordfence Vulnerability Report - Ad Inserter
- Detailed Vulnerability Information 1
- Detailed Vulnerability Information 2
Detailed Report:
Keeping your WordPress website secure is a constant battle. New vulnerabilities in popular plugins emerge frequently, exposing millions of sites to potential exploits. This is the case with a serious vulnerability recently discovered in Ad Inserter, one of the most widely used WordPress ad management plugins. If your site runs this plugin, you need to take action immediately to avoid putting your site at risk. In this post, we’ll cover everything you need to know about the vulnerability, how to update Ad Inserter, additional precautions you can take, and why staying on top of security threats like this is so important for the safety of your website.
Overview of the Ad Inserter Plugin
Ad Inserter is a premium WordPress plugin with over 13 million downloads and 300,000 active installs. It provides site owners granular control over placing ads, enabling features like ad rotation, display frequency capping, and advanced targeting options. For site owners running Google AdSense, display ads, or affiliate promotions, Ad Inserter is a popular choice to optimize ad placements and earnings.
Details on the Discovered Vulnerability
On September 22, 2023, security researcher Marco Wotschka publicly disclosed two critical vulnerabilities in Ad Inserter versions 2.7.30 and earlier:
- CVE-2023-4668 - Unauthenticated sensitive information exposure via the ai-debug-processing-fe parameter. This vulnerability allows attackers to extract info like installed plugins, active theme, plugin settings, WordPress version, and server settings.
- CVE-2023-4645 - Unauthenticated sensitive information exposure via the ai_ajax function. This vulnerability reveals post titles/slugs, usernames, available roles, and potentially the plugin license key.
Both issues enable unauthenticated access to sensitive information, posing a serious security threat to any site running the affected versions.
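As an added defender-side example (not part of the original report or of the plugin's own code), the following Python scans web server access-log lines for requests that touch the two endpoints named above: the ai-debug-processing-fe URL parameter and the ai_ajax action. The log lines are constructed samples in Apache combined log format; the /wp-admin/admin-ajax.php path is assumed as the WordPress AJAX endpoint through which the ai_ajax action is reached.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Combined log format: ip ident user [time] "METHOD target PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not from any real server) covering both endpoints.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Sep/2023:10:01:02 +0000] "GET /?ai-debug-processing-fe=1 HTTP/1.1" 200 5120 "-" "curl/8.1"
203.0.113.7 - - [23/Sep/2023:10:01:05 +0000] "GET /wp-admin/admin-ajax.php?action=ai_ajax&version=1 HTTP/1.1" 200 880 "-" "curl/8.1"
198.51.100.4 - - [23/Sep/2023:10:02:00 +0000] "GET /about/ HTTP/1.1" 200 14020 "-" "Mozilla/5.0"
198.51.100.4 - - [23/Sep/2023:10:02:03 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 120 "-" "Mozilla/5.0"
"""

def classify_request(target):
    """Return the Ad Inserter indicator a request target matches, or None."""
    parts = urlsplit(target)
    # keep_blank_values so a bare "?ai-debug-processing-fe" (no value) still counts
    query = parse_qs(parts.query, keep_blank_values=True)
    if "ai-debug-processing-fe" in query:
        return "ai-debug-processing-fe"
    if parts.path.endswith("/admin-ajax.php") and "ai_ajax" in query.get("action", []):
        return "ai_ajax"
    return None

def scan_log(text):
    """Parse each line and collect requests touching the two endpoints.
    Caveat: request bodies are not in access logs, so an ai_ajax action sent
    in a POST body is invisible here; only the GET form is detectable."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        indicator = classify_request(m["target"])
        if indicator:
            hits.append({"ip": m["ip"], "ts": m["ts"],
                         "status": int(m["status"]), "indicator": indicator})
    return hits

def hits_by_ip(hits):
    """Count matching requests per source IP; one IP hitting both is a scanner tell."""
    return Counter(h["ip"] for h in hits)

if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for h in found:
        print(h)
    print(hits_by_ip(found))
```

A 200 status on either request from a host still on 2.7.30 means the data was served, so pair this with the version check in the update section rather than treating the log scan alone as proof of non-exposure.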
Impacts of Potential Exploitation
If exploited, these vulnerabilities would grant attackers significant visibility into a site's technical configuration, users, and content. They could use this information to identify other potential vulnerabilities to exploit. Attackers could also access private post titles/slugs and author info, exposing private data.
The exposure of plugin settings and WordPress version info would help attackers fingerprint sites to craft targeted attacks. With nearly 300,000 sites actively running vulnerable versions, this poses a widespread threat.
Updating Ad Inserter to Patch Vulnerability
The developer of Ad Inserter has patched these issues in version 2.7.31. Sites using Ad Inserter should update to this latest version immediately to secure their plugin and prevent potential attacks.
To update Ad Inserter:
- Log in to your WordPress dashboard.
- Go to Plugins > Installed Plugins.
- Find Ad Inserter and click Update to 2.7.31.
- Click Activate to enable the updated plugin.
Additionally, check your site content and users for any unauthorized changes as a precaution. Consider adding additional security plugins like Wordfence to protect your site.
History of Ad Inserter Vulnerabilities
This is not the first vulnerability found in Ad Inserter. There have been 8 other vulnerabilities reported in the plugin since May 2015, most recently in March 2021. This reinforces the importance of promptly updating Ad Inserter when new versions are released to mitigate security issues.
Importance of Staying on Top of Vulnerabilities
For small business owners running WordPress sites, staying on top of vulnerabilities in plugins like Ad Inserter can feel overwhelming. However, ignoring or delaying critical security updates leaves your site at serious risk of attack and data breaches.
Make sure to subscribe to plugin update notifications, monitor security bulletins, and schedule regular WordPress maintenance routines to keep plugins updated. Also consider enlisting a managed WordPress host or developer to handle security monitoring and updates for you.
Neglecting your site's security can result in your site being down for hours, losing valuable business, search engine penalties, and worse. Protecting your WordPress site and keeping plugins like Ad Inserter updated is well worth the effort.
Conclusion: Update Ad Inserter Now to Protect Your Site
The vulnerabilities uncovered in the Ad Inserter plugin pose a severe security risk for the hundreds of thousands of sites relying on it. Updating to the latest patched version is critical to safeguard your site from potential exploits or data breaches. Take action now to update Ad Inserter, check your site for any suspicious activity, and commit to ongoing security maintenance. Your business and your users depend on it.
As a business owner, you don't have time to constantly monitor for WordPress vulnerabilities like this. At Your WP Guy, we become your outsourced IT team to handle security, updates, maintenance and support. Let us fully audit your site and plugins to assess any impact from this issue. We'll update everything to patched versions so you can rest easy knowing your site is locked down.
Focus on your business goals while we focus on your WordPress site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 for a free consultation on securing your online presence.