The article announces a Bug Bounty Extravaganza, offering increased bounty rates for vulnerabilities submitted through February 29, 2024, when Wordfence handles responsible disclosure. During the Bug Bounty Extravaganza, a SQL Injection vulnerability was discovered in the RSS Aggregator by Feedzy WordPress plugin. This vulnerability allows threat actors with contributor-level permissions to extract sensitive data from the database. The researcher who discovered and reported this vulnerability through the Wordfence Bug Bounty Program earned a $329.00 bounty. All Wordfence Premium, Wordfence Care, and Wordfence Response customers, as well as free plugin users, are protected against the exploit by the Wordfence firewall’s built-in SQL Injection protection.
The developer of RSS Aggregator by Feedzy, Themeisle, was promptly contacted and released a patch for the vulnerability within a day. Users are urged to update their sites with the latest patched version of the plugin, version 4.4.3, to ensure their sites are secure.
The vulnerability summary from Wordfence Intelligence explains that insufficient escaping on the user-supplied parameter and a lack of sufficient preparation on the existing SQL query made the SQL Injection possible in vulnerable versions of the plugin. The technical analysis reveals that the inappropriate use of the wpdb prepare() function allowed for SQL injection in the plugin. Both time-based blind SQL injection and UNION-based SQL injection are possible with this vulnerability.
The article provides examples of correctly and incorrectly using the prepare function to prevent SQL Injection attacks. Additionally, the Wordfence firewall is shown to successfully block the malicious SQL query and prevent exploitation. The disclosure timeline outlines the steps taken from the initial submission of the vulnerability to the release of the patched version by the plugin vendor.
In conclusion, the article emphasizes the significance of updating sites to the latest patched version of RSS Aggregator by Feedzy to address the vulnerability. It also encourages sharing the advisory with others using the plugin to ensure their sites remain secure. Wordfence users are reassured that they are fully protected against the vulnerability.
Overall, the article effectively informs readers about the Bug Bounty Extravaganza, the vulnerability discovered in the RSS Aggregator by Feedzy plugin, the prompt response from the developer, and the steps taken to address the issue. It provides useful technical analysis and examples to help readers understand the vulnerability and how to protect against SQL Injection attacks.
Read Full Article