Serious security flaw in Social Login plugin for WordPress exposes users’ accounts

A serious security flaw has been disclosed in MiniOrange's Social Login and Register plugin for WordPress that could enable a malicious actor to log in as any user, provided the user's email address is already known.

by Vikash Kumawat

Tracked as CVE-2023-2982 (CVSS score: 9.8), the authentication bypass flaw affects all versions of the plugin up to and including 7.6.4. It was addressed on June 14, 2023, with the release of version 7.6.5, following responsible disclosure on June 2, 2023.

Wordfence researcher István Márton said, “This vulnerability makes it possible for an unauthenticated attacker to gain access to any account on a site, including accounts used to administer the site, if the attacker obtains the associated email addresses.”

The problem lies in the fact that the encryption key used to protect the information exchanged during login via social media accounts is hard-coded in the plugin. Because the key is the same on every installation and readable from the plugin source, an attacker who knows a user's email address can craft a valid login request carrying the correctly encrypted email address.
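To make the key-management point concrete, the following is an added illustration written for this article; it is not the plugin's code and does not reproduce its token format. It models the login token as an HMAC-protected payload rather than an encrypted blob (the weakness is the same either way: a key that ships in the source is not a secret). The weak version uses a constant shared by every install, so anyone holding the source can compute a valid token for any email. The hardened version generates a random per-site key at install time, binds the token to the site, and adds an expiry and a single-use nonce, so a token minted with any other key, an old token, or a replayed token is rejected. All names and constants below are hypothetical.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

MAC_LEN = 32  # SHA-256 output length

# --- Weak pattern: one key baked into the source, identical on every site ----
# Hypothetical constant standing in for a key compiled into plugin code.
# Anyone who reads the source knows it, so it provides no authentication.
SHARED_STATIC_KEY = b"hypothetical-static-key-identical-on-every-install"


def weak_login_token(email: str) -> str:
    """Token = email || MAC(static key, email). No expiry, no nonce, no site binding.
    Because the key is public knowledge, this function is computable by anyone."""
    mac = hmac.new(SHARED_STATIC_KEY, email.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(email.encode() + mac).decode()


def weak_verify(token: str) -> Optional[str]:
    """Accepts any token whose MAC matches the static key: no server-side secret involved."""
    raw = base64.urlsafe_b64decode(token)
    email, mac = raw[:-MAC_LEN], raw[-MAC_LEN:]
    expected = hmac.new(SHARED_STATIC_KEY, email, hashlib.sha256).digest()
    return email.decode() if hmac.compare_digest(mac, expected) else None


# --- Hardened pattern: per-site random key, bound, short-lived, single-use ----
class LoginTokenService:
    """Issues and verifies social-login tokens for one site.

    The key is generated once per installation (in a real plugin it would be
    stored server-side, e.g. in the site's options table) and never appears
    in source code, so no other party can mint tokens this site will accept.
    """

    def __init__(self, site_url: str, ttl_seconds: int = 300):
        self.key = secrets.token_bytes(32)  # unique per install, unguessable
        self.site_url = site_url
        self.ttl = ttl_seconds
        self._used_nonces = set()           # replay protection (per-process here)

    def issue(self, email: str, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        payload = {
            "email": email,
            "site": self.site_url,            # token is useless on another site
            "exp": int(now) + self.ttl,       # short validity window
            "nonce": secrets.token_hex(16),   # each token may be redeemed once
        }
        body = json.dumps(payload, sort_keys=True).encode()
        mac = hmac.new(self.key, body, hashlib.sha256).digest()
        return base64.urlsafe_b64encode(body + mac).decode()

    def verify(self, token: str, now: Optional[float] = None) -> Optional[str]:
        """Returns the email if the token is authentic, unexpired, site-bound and unused."""
        now = time.time() if now is None else now
        try:
            raw = base64.urlsafe_b64decode(token)
        except ValueError:                    # binascii.Error is a ValueError
            return None
        body, mac = raw[:-MAC_LEN], raw[-MAC_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return None                       # minted under a different key
        payload = json.loads(body)
        if payload.get("site") != self.site_url or payload.get("exp", 0) < now:
            return None                       # wrong site or expired
        nonce = payload.get("nonce")
        if nonce in self._used_nonces:
            return None                       # replay
        self._used_nonces.add(nonce)
        return payload.get("email")


if __name__ == "__main__":
    # Constructed walkthrough: the weak token is forgeable from public data,
    # the hardened token only verifies on the site that issued it.
    print("weak:", weak_verify(weak_login_token("admin@example.invalid")))
    site = LoginTokenService("https://site-a.example")
    tok = site.issue("admin@example.invalid")
    print("hardened, same site:", site.verify(tok))
    print("hardened, replayed:", site.verify(tok))
    other = LoginTokenService("https://site-a.example")
    print("hardened, other key:", site.verify(other.issue("admin@example.invalid")))
```

The weak scheme is not repaired by switching the MAC to encryption: as long as the key is shared across installs and visible in the source, the server is not verifying anything an outsider cannot also produce. The per-site key is what makes the check meaningful; the expiry and nonce limit the damage if a single token ever leaks.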

If the account belongs to a WordPress site administrator, this could result in a complete compromise. The plugin is used on over 30,000 sites.

This advisory comes after the discovery of a high-severity flaw affecting the LearnDash LMS plugin, a WordPress plugin with over 100,000 active installations, that could allow any user with an existing account to reset arbitrary user passwords, including those of users with administrator access.

The bug (CVE-2023-3105, CVSS score: 8.8) has been patched in version 4.6.0.1, which shipped on June 6, 2023.

This comes a few weeks after Patchstack detailed a cross-site request forgery (CSRF) vulnerability in the UpdraftPlus plugin (CVE-2023-32960, CVSS score: 7.1), which could allow an unauthenticated attacker to steal sensitive data and escalate privileges by tricking a user with administrative permission into visiting a crafted WordPress site URL.
