WordPress image plugin Fancybox-for-WordPress vulnerability leads to mass malware injection
Fancybox for WordPress is a popular WordPress image plugin that adds a lightbox-style browsing interface to a site's images, with a wide variety of pop-up layer effects.
Last week, security researchers found that a number of WordPress blogs had been mass-infected with injected malicious code. All of the affected blogs had the Fancybox plugin installed, and analysis traced the infections to a vulnerability in the plugin.
Vulnerability Analysis
The vulnerability affects plugin versions 3.0.2 and earlier and follows a common attack pattern against WordPress plugins: an unprotected admin_init hook.
Because the admin_init hook fires for anyone who loads /wp-admin/admin-post.php or /wp-admin/admin-ajax.php, logged in or not, the plugin's option-saving code runs for unauthenticated requests as well. An attacker who sends the right POST body can therefore set the plugin's "mfbfw" option to any value they like, with no capability check and no nonce in the way.
What is this option?
The option is read in many places. In particular, mfbfw_init() emits the jQuery initialisation script into the page head and fills it with the parameters that mfbfw_admin_options() stored in the option.
The $settings array is echoed into that script without any escaping or validation.
An attacker can therefore use the unprotected admin_init hook to store malicious JavaScript, such as a hidden iframe pointing at an attacker-controlled site, in the option, and it is then injected into every page of the attacked site.
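To make the pattern concrete, the following is an added, illustrative PHP example and not the plugin's own source: a minimal settings handler hooked to admin_init in the vulnerable shape described above, followed by a hardened version of the same two functions. The option name mfbfw comes from the article; the setting keys, function names and default values are assumptions made for the example.

```php
<?php
/*
 * Illustrative example, not the plugin's actual code.
 * Option name "mfbfw" is from the article; the keys width, height and
 * overlayColor, the function names and the defaults are assumed.
 * A real plugin would ship only ONE of the two pairs of functions below.
 */

function mfbfw_example_defaults() {
    return array( 'width' => 560, 'height' => 340, 'overlayColor' => '#666666' );
}

// --- VULNERABLE PATTERN ----------------------------------------------------
// admin_init fires for every load of /wp-admin/admin-ajax.php and
// /wp-admin/admin-post.php, including by unauthenticated visitors, so this
// handler is reachable by anyone who sends the matching POST body.
function vuln_admin_options() {
    if ( isset( $_POST['mfbfw-action'] ) && $_POST['mfbfw-action'] === 'update' ) {
        // No capability check, no nonce, no sanitisation:
        // whatever the attacker posts becomes the stored settings verbatim.
        update_option( 'mfbfw', $_POST['mfbfw'] );
    }
}
add_action( 'admin_init', 'vuln_admin_options' );

// The stored values are echoed into every front-end page unescaped. A value
// like  '; </script><iframe src="..."></iframe><script>'  breaks out of the
// JavaScript literal and lands in the HTML of every page.
function vuln_init() {
    $settings = wp_parse_args( get_option( 'mfbfw', array() ), mfbfw_example_defaults() );
    echo '<script>jQuery(function(){ jQuery("a.fancybox").fancybox({';
    echo "width: {$settings['width']}, height: {$settings['height']}, ";
    echo "overlayColor: '{$settings['overlayColor']}'";
    echo '}); });</script>';
}
add_action( 'wp_head', 'vuln_init' );

// --- HARDENED PATTERN ------------------------------------------------------
// 1. Only act for users who may change options.
// 2. Require a nonce bound to this action (CSRF defence).
// 3. Whitelist and sanitise every field before it is stored.
function safe_admin_options() {
    if ( ! isset( $_POST['mfbfw-action'] ) || $_POST['mfbfw-action'] !== 'update' ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    check_admin_referer( 'mfbfw-update-options' ); // dies on a missing or bad nonce

    $in       = ( isset( $_POST['mfbfw'] ) && is_array( $_POST['mfbfw'] ) ) ? $_POST['mfbfw'] : array();
    $defaults = mfbfw_example_defaults();
    $out      = array(
        'width'        => isset( $in['width'] )  ? absint( $in['width'] )  : $defaults['width'],
        'height'       => isset( $in['height'] ) ? absint( $in['height'] ) : $defaults['height'],
        // Keep only a six-digit CSS hex colour; anything else falls back to the default.
        'overlayColor' => ( isset( $in['overlayColor'] )
                            && preg_match( '/^#[0-9a-fA-F]{6}$/', $in['overlayColor'] ) )
            ? $in['overlayColor'] : $defaults['overlayColor'],
    );
    update_option( 'mfbfw', $out );
}
add_action( 'admin_init', 'safe_admin_options' );

// 4. Escape on output: wp_json_encode() turns the array into a JavaScript
//    object literal, and the JSON_HEX_* flags encode < > & ' " so that a stored
//    value can never close the <script> element or inject markup.
function safe_init() {
    $settings = wp_parse_args( get_option( 'mfbfw', array() ), mfbfw_example_defaults() );
    echo '<script>jQuery(function(){ jQuery("a.fancybox").fancybox('
        . wp_json_encode( $settings, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT )
        . '); });</script>';
}
add_action( 'wp_head', 'safe_init' );
```

The settings form that posts to the hardened handler must emit the matching nonce with wp_nonce_field( 'mfbfw-update-options' ), otherwise check_admin_referer() rejects every submission. Note that the capability check alone would not have been enough: without the nonce, a logged-in administrator who visits an attacker's page could still be made to submit the form (CSRF), and without the output escaping, any value that slipped through would still reach the page as live script. The three controls, capability, nonce and sanitise-then-escape, are each necessary.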