Cyber Security News

WordPress Plugin Flaw Exposes 10k+ Websites to Cyber Attacks

A critical vulnerability in the WP Datepicker WordPress plugin was identified, affecting over 10,000 active installations. 

This Arbitrary Options Update vulnerability (CVE-2024-3895) has been assigned a CVSS score of 8.8, indicating a high severity level.

CVE-2024-3895: Arbitrary Options Update Vulnerability in WP Datepicker Plugin

This vulnerability could be exploited by authenticated attackers with subscriber-level access and above to update arbitrary options, which can be easily leveraged for privilege escalation.

Such an attack could allow threat actors to create administrator accounts, posing a significant risk to affected websites.


The vulnerability was found in the WP Datepicker plugin, a widely used tool for managing date and time inputs in WordPress forms. The flaw, which existed in versions 2.1.0 and earlier, has been fully addressed in version 2.1.1.

The vulnerable source code below has been reformatted for readability, so its line numbers differ from those in the plugin's file:

    function wpdp_add_new_datepicker_ajax(){
        global $wpdp_premium_link, $wpdp_dir, $wpdp_url, $wpdp_pro, $wpdp_data, $wpdp_options, $wpdp_styles, $wpdp_gen_file;
        if(isset($_POST['wpdp_add_new_datepicker']) || isset($_POST['wpdp_get_selected_datepicker']) || isset($_POST['wpdp_form_data'])){
            if (
                ! isset( $_POST['wpdp_nonce_action_field'] )
                || ! wp_verify_nonce( $_POST['wpdp_nonce_action_field'], 'wpdp_nonce_action' )
            ) {
                print __('Sorry, your nonce did not verify.', 'wp-datepicker');
                exit;
            }
            // ... remainder of the function is not shown in the article
        }
    }
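The nonce check shown above only rules out cross-site request forgery: a nonce is issued to any logged-in user, so passing wp_verify_nonce() says nothing about whether that user is allowed to change site options. The missing controls are a capability check and an allow-list of option names. The handler below is an added example written for this article, not the WP Datepicker plugin's code; every name prefixed example_ (the option names, the AJAX action, the nonce action and field) is hypothetical. It shows the nonce-only pattern beside its hardened form.

```php
<?php
// Added example for this article, not the WP Datepicker plugin's code.
// All example_* names are hypothetical; WordPress API calls are real.

// Options this (hypothetical) plugin owns and is allowed to write. Nothing else is accepted.
const EXAMPLE_ALLOWED_OPTIONS = array( 'example_date_format', 'example_first_day' );

/**
 * Nonce-only pattern. The nonce proves the request originated from a page the site
 * served to a logged-in user; it does not prove that user may manage options.
 * Any subscriber who obtains the nonce can push an arbitrary option name and value.
 */
function example_nonce_only_save_settings() {
    if ( ! isset( $_POST['example_nonce'] )
        || ! wp_verify_nonce( $_POST['example_nonce'], 'example_save' ) ) {
        wp_send_json_error( 'nonce did not verify', 403 );
    }
    // Defect: option name and value come straight from the request, and there is
    // no current_user_can() check, so this is an arbitrary options update.
    update_option( sanitize_key( wp_unslash( $_POST['option_name'] ) ),
                   wp_unslash( $_POST['option_value'] ) );
    wp_send_json_success();
}

/**
 * Hardened form: authorization first, then CSRF check, then an allow-list of option
 * names, then per-option sanitization of the value.
 */
function example_hardened_save_settings() {
    // 1. Authorization: only users who may manage site options reach the write path.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 2. CSRF protection. check_ajax_referer() terminates the request on failure.
    check_ajax_referer( 'example_save', 'example_nonce' );

    // 3. Allow-list: the request may only name options this plugin owns, so core
    //    WordPress options can never be reached through this endpoint.
    $name = isset( $_POST['option_name'] ) ? sanitize_key( wp_unslash( $_POST['option_name'] ) ) : '';
    if ( ! in_array( $name, EXAMPLE_ALLOWED_OPTIONS, true ) ) {
        wp_send_json_error( 'unknown option', 400 );
    }

    // 4. Sanitize the value according to what the option is expected to hold.
    $raw = isset( $_POST['option_value'] ) ? wp_unslash( $_POST['option_value'] ) : '';
    if ( 'example_first_day' === $name ) {
        $value = absint( $raw );              // 0..6 weekday index, stored as a non-negative int
        if ( $value > 6 ) {
            wp_send_json_error( 'invalid weekday', 400 );
        }
    } else {
        $value = sanitize_text_field( $raw ); // plain text date format string
    }

    update_option( $name, $value );
    wp_send_json_success( array( 'option' => $name ) );
}

// Register only the hardened handler, and only on the wp_ajax_ (logged-in) hook.
// A wp_ajax_nopriv_ registration would expose the endpoint to unauthenticated visitors.
add_action( 'wp_ajax_example_save_settings', 'example_hardened_save_settings' );
```

The order matters: the capability check comes before any request data is read, so a low-privilege account is refused regardless of what it sends, and the allow-list means a future bug in the value handling cannot turn into a write to an option the plugin does not own. When reviewing a plugin for this class of flaw, look for update_option() calls whose first argument is influenced by request data and confirm that a current_user_can() check, not just a nonce check, guards the path.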

Bounty Program:

The researcher who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program, Lucio Sá, was awarded a bounty of $493.00 for their discovery during the Bug Bounty Program Extravaganza.

Wordfence is running a Bug Bounty Extravaganza, offering increased bounty rates for vulnerabilities submitted through May 27th, 2024.

The Wordfence firewall rule detects the malicious AJAX action and blocks the request if it does not come from an existing authorized administrator.

To protect against exploits targeting this vulnerability, WordPress users are strongly encouraged to verify that their sites are updated to the latest patched version of WP Datepicker (2.1.1 or higher).

In April, Wordfence Premium, Wordfence Care, and Wordfence Response users received a firewall rule to protect against exploits targeting this vulnerability.


Dhivya

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
