WPScan and the United States Government National Vulnerability Database published a notice of a vulnerability discovered in the HubSpot WordPress plugin. The vulnerability exposes users of the plugin to a Server Side Request Forgery attack.
WPScan Vulnerability Report
The security researchers at WPScan published the following report:
“HubSpot < 8.8.15 – Contributor+ Blind SSRF
Description
The plugin does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks”
Server Side Request Forgery (SSRF) Vulnerability
This vulnerability requires that a logged-in user with at least contributor-level privileges exists for the exposure to occur.
According to the non-profit Open Web Application Security Project (OWASP), a worldwide organization dedicated to software security, an SSRF vulnerability can result in the exposure of internal services that are not meant to be exposed.
According to OWASP:
“In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources.
The attacker can supply or modify a URL which the code running on the server will read or submit data to, and by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like http enabled databases or perform post requests towards internal services which are not supposed to be exposed.”
The services that are not supposed to be exposed are:
- “Cloud server meta-data
- Database HTTP interfaces
- Internal REST interfaces
- Files – The attacker may be able to read files using <file://> URIs”
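The WPScan report says the proxy endpoint did not validate the caller-supplied URL, and the OWASP list above names the kinds of internal targets such a proxy can be turned against. The following is an added example written for this page, not code from the HubSpot plugin, showing what a server-side fetcher has to check before it proxies a URL: the scheme (which rules out file:// reads), the address the host points at (loopback, RFC 1918, link-local cloud metadata) and, optionally, a host allowlist. The `resolve` hook and the `allowed_hosts` parameter are hypothetical names introduced here, and every URL and address in the demo is constructed.

```python
import ipaddress
from urllib.parse import urlparse

# Only plain web schemes may be proxied; this alone rules out file:// URIs.
ALLOWED_SCHEMES = {"http", "https"}


def _is_internal(ip):
    """True for loopback, RFC 1918, link-local (which covers the 169.254.169.254
    cloud metadata address), unspecified, multicast and reserved addresses."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # treat ::ffff:127.0.0.1 the same as 127.0.0.1
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_proxy_url(url, resolve=None, allowed_hosts=None):
    """Return (True, 'ok') if the URL may be fetched server-side, else (False, reason).

    resolve(host) -> list of IP strings is a caller-supplied hook (hypothetical)
    so the check covers what a hostname actually points at, not just literal IPs.
    The fetch itself must then connect to the validated address and must not
    follow redirects without re-running this check on each hop.
    """
    parts = urlparse(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parts.scheme!r}"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not allowed"
    if allowed_hosts is not None and host.lower() not in allowed_hosts:
        return False, f"host not on allowlist: {host}"
    try:
        addrs = [ipaddress.ip_address(host)]          # literal IP in the URL
    except ValueError:
        if resolve is None:
            return False, "hostname given but no resolver available"
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    for ip in addrs:
        if _is_internal(ip):
            return False, f"{host} points at internal address {ip}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample inputs; the resolver stands in for real DNS.
    fake_dns = lambda host: {"api.example.com": ["93.184.216.34"]}.get(host, ["10.0.0.5"])
    for u in ("file:///etc/passwd", "http://169.254.169.254/latest/meta-data/",
              "http://[::ffff:127.0.0.1]:9200/", "https://api.example.com/v1"):
        print(u, "->", validate_proxy_url(u, resolve=fake_dns))
```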
HubSpot WordPress Plugin
The HubSpot WordPress plugin is used by over 200,000 publishers. It provides CRM, live chat, analytics and email marketing related functions.
The WPScan report notes that the vulnerability was fixed in version 8.8.15.
However, the changelog that documents what was updated in the software shows that the HubSpot WordPress plugin received additional updates to fix other vulnerabilities.
Here is a list of the updates according to the official changelog, in order beginning with the oldest update:
= 8.8.15 (2022-04-07) =
* Fix security issue related to proxy URL
= 8.9.14 (2022-04-12) =
* Fix security issue related to form inputs
= 8.9.20 (2022-04-13) =
* Fix security issue related to sanitizing inputs
While the security firm WPScan and the National Vulnerability Database state that the vulnerability was fixed in version 8.8.15, the HubSpot plugin changelog shows further security fixes all the way up to version 8.9.20.
So it may be prudent to update the HubSpot plugin to at least version 8.9.20, although the absolute latest version of the HubSpot WordPress plugin, as of this writing, is version 8.11.0.
Citations
Read the WPScan Vulnerability Report
HubSpot < 8.8.15 – Contributor+ Blind SSRF
Read the National Vulnerability Database Report
Review the HubSpot WordPress Plugin Changelog