#intel

How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of several interesting cyber attack statistics.

The BadgeOS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_badgeos_log_entries function in versions up to, and including, 3.7.1.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete the plugin's log entries.

The CHP Ads Block Detector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings reachable though an AJAX action in versions up to, and including, 3.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

The Quick Post Duplicator for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers (admin or higher) to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This only affects multi-site installations and installations where unfiltered_html has been disabled.

The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the start_date and end_date parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. This is due to the passphrase and iv being hardcoded in the 'pm_encrypt_decrypt_pass' function and used across all sites running the plugin. This makes it possible for authenticated attackers, with administrator-level permissions or above to decrypt and view users' passwords. If combined with another vulnerability, this can potentially grant lower-privileged users access to users' passwords.

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.90. This is due to missing or incorrect nonce validation on the Save function. This makes it possible for unauthenticated attackers to make changes to invoices via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

The Woo Custom Emails for WordPress is vulnerable to Reflected Cross-Site Scripting via the wcemails_edit parameter in versions up to, and including, 2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

The Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to create and delete countdowns, via forged request granted they can trick a site administrator into performing an action such as clicking on a link.