
Post Grid WordPress Plugin Flaws Allow Site Takeovers
2020-10-05 21:11

Two high-severity vulnerabilities in Post Grid, a WordPress plugin with more than 60,000 installations, open the door to site takeovers, according to researchers.

The upshot is that attackers could use malicious JavaScript to add a rogue administrator, plant a backdoor in plugin or theme files, or steal the administrator's session information, all of which are paths to complete takeover of a site.

"In both cases, a logged-in attacker with minimal permissions such as subscriber could trigger the functions by sending an AJAX request, with the action set to post grid import xml layouts for the Post Grid plugin or team import xml layouts for the Team Showcase plugin, with each action triggering a function with the same name," Gall explained.

"Although neither plugin utilized any vulnerable magic methods, if another plugin using a vulnerable magic method was installed, Object injection could be used by an attacker."

Newsletter, a WordPress plugin with more than 300,000 installations, was discovered to have a pair of vulnerabilities that could lead to code execution and even site takeover.


News URL

https://threatpost.com/wordpress-plugin-flaws/159856/
