WordPress users are now a potential target of takeover attacks due to a bug found in the Brizy - Page Builder plugin.
Security provider and WordPress-plugin developer Wordfence published its findings on this major vulnerability in its latest blog post. According to the company, the bug has been present in the Brizy plugin since its first appearance, then patched out, only for a nearly identical one to be reintroduced in a later update. It can potentially affect 90,000 websites, as that’s how many WordPress sites are using this plugin today.
Luckily, security firms were quicker than hackers in discovering this vulnerability, and the developers of Brizy - Page Builder have issued a patch that fixes this potential exploit. Although the issue was discovered in June, and the vendor informed in August, due to disclosure policies, Wordfence couldn’t release its findings to the public until this week.
“The Brizy – Page Builder plugin used the Brizy_Editor::is_administrator and Brizy_Editor_User:is_administrator functions for a wide variety of authorization checks, and any user that passed one of these checks was assumed to be an administrator, effectively bypassing almost all of the other capability checks used in the plugin. Unfortunately, due to a logic flaw, being logged in and accessing any endpoint in the wp-admin directory was sufficient to pass this check due to the use of the is_admin() function for authorization checking,” the official Wordfence blog stated.
What this means is that any logged-in users, no matter if they were set as a contributor or just a subscriber to the site, could potentially modify any post or a page on the affected WordPress site, as long as the page or post in question was created or edited through Brizy. Additionally, this could open up a WordPress site to two vulnerabilities that could enable a total takeover.
Keeping your WordPress installation and any associated plugins up to date is a must. A good CDN host could automate this process for you, as well as protect your site against hacks through a firewall and DDoS protection. As for Brizy - Page builder, we hope that’s the end of its problems, as it’s a really handy plugin to have if you need a quick way to customize your website.
Your email address will not be published.*