WordPress Plugin Vulnerability Report – Slider – Missing Authorization via AJAX action

Plugin Name: Slider - Ultimate Responsive Image Slider

Key Information:

  • Software Type: Plugin
  • Software Slug: ultimate-responsive-image-slider
  • Software Status: Active
  • Software Author: farazfrank
  • Software Downloads: 1,338,384
  • Active Installs: 40,000
  • Last Updated: November 16, 2023
  • Patched Versions: 3.5.12
  • Affected Versions: <= 3.5.11

Vulnerability Details:

  • Name: Ultimate Responsive Image Slider <= 3.5.11 - Missing Authorization via AJAX action
  • Title: Missing Authorization via AJAX action
  • Type: Missing Authorization
  • CVSS Score: 4.3 (Medium)
  • Publicly Published: November 16, 2023
  • Description: The Slider – Ultimate Responsive Image Slider plugin for WordPress is vulnerable to unauthorized access to data due to a missing capability check on the ajax_get_thumbnail_uris function in all versions up to and including 3.5.11. This makes it possible for subscriber-level attackers to access the meta-information associated with sliders.

Summary:

The Slider plugin for WordPress has a vulnerability in versions up to and including 3.5.11 that allows unauthorized access to slider metadata. This vulnerability has been patched in version 3.5.12.

Detailed Overview:

The Ultimate Responsive Image Slider plugin has a missing authorization vulnerability that was publicly disclosed on November 16, 2023. It affects versions 3.5.11 and earlier. The root cause is a missing capability check on the ajax_get_thumbnail_uris AJAX function: an attacker with only subscriber-level access can call the action and read slider metadata that should require editor access. The vulnerability received a CVSS score of 4.3 (medium severity). The developers addressed it in version 3.5.12, so users should update as soon as possible. Until then, the flaw exposes slider metadata and could serve as a starting point for further attacks.

Advice for Users:

  1. Immediate Action: Update to version 3.5.12 or higher as soon as possible.
  2. Check for Signs of Vulnerability: Review your site's sliders and slider metadata to ensure no unauthorized changes have occurred.
  3. Alternate Plugins: Consider alternate slider plugins like Meta Slider or Soliloquy as a precaution.
  4. Stay Updated: Always keep your plugins updated, especially for security updates.

Conclusion:

The quick response by the Slider developers to patch this vulnerability shows the importance of staying up to date. Users should upgrade to version 3.5.12 or higher immediately to secure their WordPress sites.

References:

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ultimate-responsive-image-slider

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ultimate-responsive-image-slider/ultimate-responsive-image-slider-3512-missing-authorization-via-ajax-action

Detailed Report:

Keeping your WordPress website and its plugins up-to-date is critical for security. Unfortunately, many site owners fail to regularly update and patch vulnerabilities that arise. A prime example is the recently disclosed vulnerability in the popular Slider plugin. Versions up to and including 3.5.11 contain a vulnerability that allows unauthorized access to slider metadata. While the developers have patched this in version 3.5.12, many sites likely remain outdated and vulnerable. This missing authorization issue leaves sites open to data theft and further exploitation.

If you use the Slider plugin, we strongly advise updating immediately. Even if you don't use this particular plugin, this incident highlights the ongoing security risks of outdated plugins. We want to help ensure your site stays secure. In this post we'll cover the details of this vulnerability, how to update your plugins, and additional steps you can take to lock down WordPress. The key takeaway is that keeping your plugins patched is essential to avoid becoming a security statistic. We're here to help you keep your site safe.

The Slider plugin, also known as Ultimate Responsive Image Slider, is a popular plugin used by over 40,000 WordPress sites to add responsive image sliders. Unfortunately, versions 3.5.11 and earlier contain a vulnerability that allows unauthorized access to slider metadata. This vulnerability, titled "Missing Authorization via AJAX action", stems from a lack of capability checking on an AJAX function that retrieves slider thumbnails.

This vulnerability received a CVSS severity score of 4.3 out of 10, meaning it is of medium concern. While the vulnerability has been patched in Slider version 3.5.12, many sites likely have not yet updated and remain at risk. If exploited, this vulnerability could allow attackers to steal slider configuration data and image URLs stored in the post meta. Attackers could then potentially modify site content, deface images, or use stolen URLs for phishing campaigns.
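The pattern behind a "missing authorization via AJAX action" bug, as described in the Detailed Overview and the two paragraphs above, is easiest to see side by side in code. The following is an added example written for this report, not the Slider plugin's own source: the handler, hook and meta key names (my_slider_get_thumbnail_uris, my_slider_image_uris, my_slider_ajax) are hypothetical, while check_ajax_referer, current_user_can and wp_send_json_* are real WordPress core functions. The weak handler returns post meta to any logged-in user who knows the action name; the hardened one requires a nonce and an edit capability for the specific slider before reading anything.

```php
<?php
/*
 * Added example (not the plugin's code): a WordPress admin-ajax handler
 * that leaks slider metadata because it never checks authorization, and
 * the hardened form of the same handler. All names are hypothetical.
 */

// WEAK FORM. Hooked on wp_ajax_* so any logged-in user (a subscriber
// included) can POST action=my_slider_get_thumbnail_uris to admin-ajax.php
// and receive the slider's stored image URIs. Being logged in is not the
// same as being allowed to read this data.
function my_slider_get_thumbnail_uris_weak() {
    $slider_id = isset( $_POST['slider_id'] ) ? absint( $_POST['slider_id'] ) : 0;
    $uris      = get_post_meta( $slider_id, 'my_slider_image_uris', true );
    wp_send_json_success( $uris );
}
// add_action( 'wp_ajax_my_slider_get_thumbnail_uris', 'my_slider_get_thumbnail_uris_weak' );

// HARDENED FORM. Two independent checks before any data is read:
//  1. a nonce proves the request originated from the plugin's own admin
//     screen (the screen creates it with wp_create_nonce( 'my_slider_ajax' )
//     and sends it as the 'nonce' POST field);
//  2. a capability check proves the caller may edit this particular slider.
function my_slider_get_thumbnail_uris() {
    // Dies with a 403 (-1 body) when the nonce is missing or invalid.
    check_ajax_referer( 'my_slider_ajax', 'nonce' );

    $slider_id = isset( $_POST['slider_id'] ) ? absint( $_POST['slider_id'] ) : 0;

    // Per-object capability: subscribers fail this; authors pass only for
    // sliders they own, editors for any slider.
    if ( ! $slider_id || ! current_user_can( 'edit_post', $slider_id ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }

    $uris = get_post_meta( $slider_id, 'my_slider_image_uris', true );
    wp_send_json_success( is_array( $uris ) ? $uris : array() );
}
add_action( 'wp_ajax_my_slider_get_thumbnail_uris', 'my_slider_get_thumbnail_uris' );
```

Two points worth noting when reviewing a plugin for this class of bug: a wp_ajax_ hook (as opposed to wp_ajax_nopriv_) only guarantees that someone is logged in, and a nonce on its own is not an authorization check, because a subscriber who can load a page that embeds the nonce can still replay it. The capability check is the line that actually enforces the "editor access" the advisory refers to.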

To protect your site, it is critical to update the Slider plugin to version 3.5.12 or higher immediately. You can do this quickly from your WordPress dashboard by navigating to Plugins > Installed Plugins. Check that Slider is updated to the latest version. If not, click "Update Now." While you're there, browse your other plugins and upgrade any that are out of date.
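For sites managed from the command line, the dashboard steps above can be scripted with WP-CLI. This is an added example, not tooling from the plugin or from Wordfence; it assumes WP-CLI (the wp command) is installed and the script is run from the WordPress root. The plugin slug and patched version come from the Key Information section; the version comparison is written in plain sh so it does not rely on GNU sort -V.

```shell
#!/bin/sh
# Added example: check whether the installed copy of the plugin is still at or
# below 3.5.11 and, if so, update it with WP-CLI. Assumes the wp command is
# available and the script runs from the WordPress root (or pass --path to wp).
PLUGIN_SLUG="ultimate-responsive-image-slider"
PATCHED_VERSION="3.5.12"

# version_lt A B: succeed (exit 0) when dotted version A is lower than B.
# Missing components count as 0, so 3.5 equals 3.5.0 and 3.5.12.1 > 3.5.12.
version_lt() {
    a="$1"
    b="$2"
    i=1
    while :; do
        # A trailing dot guarantees cut sees a delimiter even for a bare "4".
        x=$(printf '%s.' "$a" | cut -d. -f"$i")
        y=$(printf '%s.' "$b" | cut -d. -f"$i")
        if [ -z "$x" ] && [ -z "$y" ]; then
            return 1   # every component compared equal
        fi
        x=${x:-0}
        y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
}

# is_affected VERSION: print "yes" when VERSION is in the affected range
# (<= 3.5.11, i.e. lower than the patched 3.5.12), otherwise "no".
is_affected() {
    if version_lt "$1" "$PATCHED_VERSION"; then
        echo yes
    else
        echo no
    fi
}

# check_and_update: read the installed version via WP-CLI and update if needed.
check_and_update() {
    installed=$(wp plugin get "$PLUGIN_SLUG" --field=version 2>/dev/null) || {
        echo "$PLUGIN_SLUG is not installed or wp-cli is unavailable"
        return 2
    }
    if [ "$(is_affected "$installed")" = yes ]; then
        echo "installed $installed is affected; updating to the latest release"
        wp plugin update "$PLUGIN_SLUG"
    else
        echo "installed $installed is already patched"
    fi
}

# Only touch the live site when invoked as: sh check_slider.sh --run
if [ "${1:-}" = "--run" ]; then
    check_and_update
fi
```

Run it with --run after taking a backup; without the flag it only defines the functions, which keeps the version logic testable on its own. The same pattern (read the installed version, compare against the first patched release, update) applies to any plugin advisory that lists a patched version.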

This vulnerability highlights the ongoing security risk of outdated WordPress plugins. Plugins extend functionality but also introduce potential vulnerabilities that are patched over time. Failing to maintain plugins leaves you open to data breaches, defacements, malware infections, and more. We recommend reviewing and updating plugins regularly as part of sound security hygiene.

Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.

Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.

Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.
