WordPress Plugin Vulnerability Report – Solid Security – Unauthenticated Login Page Disclosure
Plugin Name: Solid Security
Key Information:
- Software Type: Plugin
- Software Slug: better-wp-security
- Software Status: Active
- Software Author: ithemes
- Software Downloads: 28,594,364
- Active Installs: 900,000
- Last Updated: October 31, 2023
- Patched Versions: 9.0.1
- Affected Versions: <= 9.0.0
Vulnerability Details:
- Name: Solid Security Basic <= 9.0.0 - Unauthenticated Login Page Disclosure
- Title: Unauthenticated Login Page Disclosure
- Type: Protection Mechanism Failure
- CVSS Score: 5.3 (Medium)
- Publicly Published: October 31, 2023
- Researcher: Naveen Muthusamy
- Description: The Solid Security – Password, Two Factor Authentication, and Brute Force Protection plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 9.0.0. This is due to the plugin disclosing the login path when comments are enabled and registration is required. This makes it possible for unauthenticated attackers to discover the login page path and bypass the intended functionality of the security mechanism.
Summary:
The Solid Security plugin for WordPress has a vulnerability in versions up to and including 9.0.0 that allows unauthenticated attackers to discover the login page path and bypass security protections. This vulnerability has been patched in version 9.0.1.
Detailed Overview:
The Solid Security plugin, which provides password protection, two-factor authentication, and brute force attack prevention for WordPress sites, is vulnerable to an unauthenticated login page disclosure flaw. Discovered by researcher Naveen Muthusamy, the issue arises when comments are enabled on the site and user registration is required. In this configuration, the plugin will reveal the login page path to unauthenticated users. This allows attackers to discover where the admin login page is located, enabling them to target brute force and other credential attacks. While no specific exploit is required, the failure to properly protect the login path represents a protection mechanism bypass. The vulnerability is considered medium severity with a CVSS score of 5.3. It affects all versions of the plugin up to and including 9.0.0. Users are advised to update to version 9.0.1, which resolves the disclosure problem by removing login path hints. There are no official reports of this vulnerability being exploited in the wild.
Advice for Users:
Immediate Action: Update to Solid Security version 9.0.1 as soon as possible.
Check for Signs of Vulnerability: Review web server access logs for any abnormal or suspicious login attempts. Also check for any changes to user accounts.
Alternate Plugins: Consider using an alternate security plugin like WordFence or iThemes Security as a precaution.
Stay Updated: Always keep plugins updated and avoid using plugin versions marked End of Life by developers.
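As an added example (not code from the original report or from the Solid Security project), the log-review advice above can be applied with a short Python script: it parses combined-format access log lines, flags source IPs that burst POST requests at the site's custom login slug, and lists IPs that probed the default /wp-login.php, which a hidden-login setup should never serve. The slug "/my-hidden-login" and the log lines are constructed placeholders.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/nginx combined log format: ip ident user [timestamp] "METHOD path proto" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

# Constructed sample log: one probe of the default login path, one legitimate login,
# then six rapid POSTs to the hidden slug from the same probing address.
SAMPLE_LOG = "\n".join(
    ['198.51.100.7 - - [31/Oct/2023:10:00:05 +0000] "GET /wp-login.php HTTP/1.1" 404 310 "-" "python-requests/2.31"',
     '203.0.113.10 - - [31/Oct/2023:10:01:00 +0000] "POST /my-hidden-login HTTP/1.1" 302 0 "-" "Mozilla/5.0"']
    + [f'198.51.100.7 - - [31/Oct/2023:10:02:{s:02d} +0000] "POST /my-hidden-login HTTP/1.1" 200 2200 "-" "python-requests/2.31"'
       for s in range(0, 30, 5)]  # six POSTs within 25 seconds
)

def parse_line(line):
    """Return (ip, timestamp, method, path, status) for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
    return ip, when, method, path.split("?")[0], int(status)

def login_bursts(log_text, login_path, window_s=60, threshold=5):
    """Map source IP -> largest number of POSTs to login_path inside any window_s-second span,
    keeping only IPs at or above threshold (a credential-stuffing / brute-force signature)."""
    posts = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec[2] == "POST" and rec[3] == login_path:
            posts[rec[0]].append(rec[1])
    flagged = {}
    for ip, times in posts.items():
        times.sort()
        best, start = 0, 0
        for end, t in enumerate(times):          # sliding window over sorted timestamps
            while t - times[start] > timedelta(seconds=window_s):
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged

def default_login_probes(log_text):
    """IPs that requested /wp-login.php; with the login slug hidden, these are reconnaissance hits."""
    return sorted({rec[0] for rec in map(parse_line, log_text.splitlines())
                   if rec and rec[3] == "/wp-login.php"})

if __name__ == "__main__":
    print("login bursts:", login_bursts(SAMPLE_LOG, "/my-hidden-login"))
    print("default-path probes:", default_login_probes(SAMPLE_LOG))
```

Run it against a real log by replacing SAMPLE_LOG with the file contents and login_path with the slug configured in Solid Security; tune window_s and threshold to the site's normal login rate.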
Conclusion:
The timely response by the developers to patch this vulnerability shows their commitment to security. Users should install version 9.0.1 or higher to ensure their WordPress sites are not susceptible to this protection bypass issue. Proper plugin hygiene and update diligence continue to be critical for WordPress site security.
References:
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/better-wp-security
Detailed Report:
Keeping your WordPress website and its plugins up-to-date is critical for security. Unfortunately, many users fail to properly maintain plugins, leaving their sites exposed to vulnerabilities. A recently disclosed flaw in the popular Solid Security plugin highlights this risk. Versions up to 9.0.0 contain a protection bypass bug that can allow attackers to discover your secret login page. While this doesn’t directly enable infiltration, it dismantles a key defense.
Developers have already issued a patch, but many users likely haven’t updated. We strongly advise installing the latest plugin release immediately to close this open door. For those concerned about the security posture of their website, our team of experts can perform an audit and determine what steps are needed to lock things down. Don't leave your site open to compromise - proper patching, vigilant monitoring, and help when you need it can keep you safe.
The Solid Security plugin, which provides password protection, two-factor authentication, and other security features, is used on over 900,000 WordPress sites. Unfortunately, a medium severity vulnerability was recently disclosed that affects all versions up to 9.0.0. When comments are enabled and registration required, the flawed plugin reveals the admin login URL to unauthenticated users. While not directly enabling access, this destroys a key safeguard.
Attackers could leverage the exposed login path to launch brute force attacks and attempt to crack admin passwords. If successful, they could gain privileged access and fully compromise the site. Beyond password attacks, the loss of obscurity around the login location damages the overall security posture.
The good news is that the developer has already patched the problem in version 9.0.1. Sites using this latest release are no longer affected. For those on older versions, you should update immediately to close this door. Be sure to also review web logs for any suspicious activity and watch for unauthorized changes to user accounts.
While this specific flaw has been addressed, Solid Security has been susceptible to over 15 vulnerabilities since 2012. This underscores the importance of proper plugin hygiene. Always use the latest versions, avoid end-of-life releases, and monitor closely for any new threats.
Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.
Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.
Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.