
PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE
2022-02-10 13:58

Tens of thousands of WordPress sites are at risk from critical vulnerabilities in a widely used plug-in that facilitates the use of PHP code on a site.

The plug-in does precisely what its name suggests, allowing WordPress site developers to put PHP code in various components of a site, including pages, posts and sidebars.

The former, "Remote Code Execution by Contributor+ users via metabox," has to do with a default setting in PHP Everywhere that allowed all users with the edit posts capability to use the PHP Everywhere metabox.

"Unfortunately this meant that untrusted Contributor-level users could use the PHP Everywhere metabox to achieve code execution on a site by creating a post, adding PHP code to the PHP Everywhere metabox, and then previewing the post," Gall wrote.

The third vulnerability, "Remote Code Execution by Contributor+ users via gutenberg block," is associated with a default setting in PHP Everywhere that allowed all users with the edit posts capability to use the PHP Everywhere Gutenberg block.
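The flaw described in both cases is an authorization gate set too low: a feature that executes arbitrary PHP was available to anyone holding the edit posts capability, which Contributors have by default. The following is an added, illustrative example (not PHP Everywhere's own code, and not the vendor's fix) of how a plugin would restrict such a feature: the meta box is only registered for, and its field only saved by, users who hold the `manage_options` capability, and the check is repeated on save rather than relying on the box being hidden. The capability choice, the `example_` prefixed names and the meta key are assumptions for this hypothetical plugin.

```php
<?php
/**
 * Illustrative example (not PHP Everywhere's code): gating a "run PHP" meta box
 * on an administrator-level capability instead of edit_posts.
 */

// Capability required to use the feature. edit_posts is held by Contributors by
// default, so gating on it hands code execution to untrusted users; manage_options
// is held only by Administrators on a single-site install.
const EXAMPLE_PHP_BOX_CAP = 'manage_options';

function example_php_box_user_allowed() {
    return current_user_can( EXAMPLE_PHP_BOX_CAP );
}

// Register the meta box only for users who pass the capability check.
add_action( 'add_meta_boxes', function () {
    if ( ! example_php_box_user_allowed() ) {
        return; // Not shown to Contributors, Authors or Editors.
    }
    add_meta_box(
        'example_php_box',
        'PHP (administrators only)',
        'example_php_box_render',
        'post'
    );
} );

function example_php_box_render( $post ) {
    wp_nonce_field( 'example_php_box_save', 'example_php_box_nonce' );
    $code = get_post_meta( $post->ID, '_example_php_code', true );
    echo '<textarea name="example_php_code">' . esc_textarea( $code ) . '</textarea>';
}

// Re-check everything on save: hiding the box is not an authorization control,
// because any logged-in user can POST the field name directly.
add_action( 'save_post', function ( $post_id ) {
    if ( ! isset( $_POST['example_php_box_nonce'] )
        || ! wp_verify_nonce( $_POST['example_php_box_nonce'], 'example_php_box_save' )
        || ! example_php_box_user_allowed()
        || ! current_user_can( 'edit_post', $post_id )
        || ! isset( $_POST['example_php_code'] ) ) {
        return; // Silently drop the field; the post itself still saves.
    }
    update_post_meta( $post_id, '_example_php_code', wp_unslash( $_POST['example_php_code'] ) );
} );
```

The same save-time check has to guard every path that stores executable code (a Gutenberg block attribute or a shortcode as much as a meta box), since the stored code later runs for anonymous visitors with no user context to check against.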

WordPress plug-ins are a constant pain point for developers of sites built using the open-source content-management and website-creation system, often including vulnerabilities that threaten the security of WordPress sites.

News URL

https://threatpost.com/php-everywhere-bugs-wordpress-rce/178338/

Related vendor

| Vendor | Vulns in last 12 months | Products | Low | Medium | High | Critical | Total vulns |
|---|---|---|---|---|---|---|---|
| PHP | 9 | | 1 | 43 | 113 | 123 | 280 |
| WordPress | 7 | | 2 | 95 | 44 | 18 | 159 |

(The product count column was not captured; the four severity counts in each row sum to the stated total.)