Security researchers at WPScan and Wordfence have identified seventeen plugins published by Catch Plugins (a division of Catch Themes, LLC) that contain vulnerabilities. The vulnerabilities are rated High and could allow an attacker to change the plugins' configurations.
Cross-Site Request Forgery (CSRF)
A missing capability check (an authorization flaw) and a Cross-Site Request Forgery (CSRF) vulnerability affect 17 plugins published by Catch Themes.
Together they allow any logged-in user, even a Subscriber, to make changes that are normally reserved for WordPress users with the highest privileges, such as the site administrator.
According to WordPress security plugin publisher WPScan:
“Several Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the plugin’s configurations.”
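The bug class WPScan describes is a WordPress admin-ajax.php handler that trusts the fact that a request is authenticated and never asks who the user is or whether the request was intentionally made from the plugin's own settings page. The following is an added illustration of that pattern beside a hardened version; it is not Catch Themes' code. Only the action name ctp_switch comes from the WPScan advisory; the handler bodies, option names, the nonce action string, the allowed-option list and the script handles are assumptions made for the example.

```php
<?php
/*
 * Added example, not the vendor's code. Shows why a Subscriber could flip a
 * plugin setting through wp-admin/admin-ajax.php?action=ctp_switch when the
 * handler has no capability check and no CSRF nonce, and what the fixed
 * handler has to do. Everything except the action name is an assumption.
 */

// --- Vulnerable pattern -------------------------------------------------------
// wp_ajax_{action} only fires for logged-in users, which is exactly why a
// Subscriber account is enough. Nothing below checks the user's role, and
// nothing ties the request to a nonce, so a page the victim admin visits can
// also submit it (CSRF).
function vuln_ctp_switch() {
    $option = sanitize_key( $_POST['option'] );
    $value  = sanitize_text_field( $_POST['value'] );
    update_option( 'ctp_' . $option, $value );    // attacker controls key suffix and value
    wp_send_json_success();
}
// In the vulnerable build this is what would be registered:
// add_action( 'wp_ajax_ctp_switch', 'vuln_ctp_switch' );

// --- Hardened pattern ---------------------------------------------------------
function hardened_ctp_switch() {
    // 1. Authorization: only users allowed to manage options may change them.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 2. CSRF: the request must carry a nonce minted for this action and this
    //    user. check_ajax_referer() dies on failure when $die is true (default).
    check_ajax_referer( 'ctp_switch_nonce', 'nonce' );

    // 3. Never build the option key from raw input; use a fixed allow-list.
    $allowed = array( 'infinite_scroll', 'sticky_menu' );   // assumed option names
    $option  = isset( $_POST['option'] ) ? sanitize_key( wp_unslash( $_POST['option'] ) ) : '';
    if ( ! in_array( $option, $allowed, true ) ) {
        wp_send_json_error( 'unknown option', 400 );
    }

    // 4. A "switch" is boolean; coerce instead of storing arbitrary text.
    $value = ! empty( $_POST['value'] ) ? 1 : 0;
    update_option( 'ctp_' . $option, $value );
    wp_send_json_success( array( $option => $value ) );
}
add_action( 'wp_ajax_ctp_switch', 'hardened_ctp_switch' );

// The settings page's JavaScript needs the nonce; pass it with the script.
// The hook suffix and script handle are assumptions.
function ctp_enqueue_admin_js( $hook_suffix ) {
    if ( 'settings_page_ctp' !== $hook_suffix ) {
        return;
    }
    wp_enqueue_script( 'ctp-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'ctp-admin', 'ctpAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'ctp_switch_nonce' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'ctp_enqueue_admin_js' );
```

The two checks are independent fixes for two independent problems: current_user_can() closes the privilege-escalation path a Subscriber used directly, and check_ajax_referer() closes the CSRF path in which an administrator's browser is tricked into submitting the request. Adding only one of them leaves the other attack open.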
Wordfence Reports Vulnerability in Catch Themes Demo Import WordPress Plugin
Wordfence published a notice about a critical vulnerability discovered in one of these plugins as well, Catch Themes Demo Import (versions up to and including 1.7).
The Catch Themes Demo Import WordPress plugin was found to have an Arbitrary File Upload vulnerability.
The published severity scores for this vulnerability differ. Wordfence rated it 9.1 on the 10-point CVSS scale and described it as Critical, while the US government's National Vulnerability Database lists it at 7.2 (High). The Wordfence advisory title marks it "Admin+", meaning the upload requires administrator-level privileges, which is the kind of precondition that lowers a CVSS score.
According to Wordfence:
“The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation”
Wordfence recommends upgrading to version 1.8 or newer.
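"Insufficient file type validation" on an import feature means an uploaded file's name and declared type were trusted without the server confirming what the file actually is, so a script could be stored where it can later be executed. The following is an added example of the validation an import handler should perform before accepting a demo file; it is not the plugin's code and does not reproduce the original bug. The function names, the allowed-extension list, the nonce action string and the size cap are assumptions.

```php
<?php
/*
 * Added example, not Catch Themes' code. Validates an uploaded import file
 * in layers: PHP upload status, size, extension allow-list, double-extension
 * check, WordPress' own type/extension verification, and a content sniff for
 * PHP open tags. Extension list, names and limits are assumptions.
 */

/**
 * Return true only if $file (one entry of $_FILES) is an acceptable import payload.
 */
function demo_import_file_is_safe( array $file ) {
    if ( ! isset( $file['error'] ) || UPLOAD_ERR_OK !== $file['error'] ) {
        return false;
    }
    if ( $file['size'] > 5 * MB_IN_BYTES ) {              // assumed cap
        return false;
    }
    if ( ! is_uploaded_file( $file['tmp_name'] ) ) {       // must come from this POST
        return false;
    }

    // Allow only formats the importer actually parses (assumed list).
    $allowed = array(
        'xml'  => 'text/xml',
        'json' => 'application/json',
        'wie'  => 'application/json',
    );

    $name = sanitize_file_name( $file['name'] );
    $ext  = strtolower( pathinfo( $name, PATHINFO_EXTENSION ) );
    if ( ! array_key_exists( $ext, $allowed ) ) {
        return false;
    }
    // Reject demo.php.xml and similar: exactly one extension is allowed.
    if ( substr_count( $name, '.' ) !== 1 ) {
        return false;
    }

    // Let WordPress cross-check the claimed extension/type against the file.
    // When it detects a mismatch it can verify, both 'ext' and 'type' come back false.
    $check = wp_check_filetype_and_ext( $file['tmp_name'], $name, $allowed );
    if ( false === $check['ext'] || false === $check['type'] ) {
        return false;
    }

    // Content sniff: no PHP open tag in the first 8 KiB of a data file.
    $head = file_get_contents( $file['tmp_name'], false, null, 0, 8192 );
    if ( false !== stripos( $head, '<?php' ) || false !== strpos( $head, '<?=' ) ) {
        return false;
    }

    return true;
}

/**
 * Upload handler: authorization and CSRF checks first, then validation,
 * then storage under a server-chosen name outside the plugin directory.
 */
function demo_import_handle_upload() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'forbidden', '', array( 'response' => 403 ) );
    }
    check_admin_referer( 'demo_import_upload' );           // assumed nonce action

    if ( empty( $_FILES['import_file'] ) || ! demo_import_file_is_safe( $_FILES['import_file'] ) ) {
        wp_die( 'rejected upload', '', array( 'response' => 400 ) );
    }

    // Never keep the user-supplied name and never place it where PHP runs.
    $dest = trailingslashit( get_temp_dir() ) . wp_generate_uuid4() . '.import';
    if ( ! move_uploaded_file( $_FILES['import_file']['tmp_name'], $dest ) ) {
        wp_die( 'could not store upload', '', array( 'response' => 500 ) );
    }

    // Parse $dest as data with an XML/JSON parser; never include() or require() it.
    return $dest;
}
```

The order matters: the capability and nonce checks run before any file is touched, the extension allow-list is a closed list rather than a block-list of dangerous extensions, and the stored file gets a random, non-executable name so that even a validation miss does not leave a reachable script under the web root.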
Vulnerabilities Discovered in Seventeen Catch Themes WordPress Plugins
WPScan lists seventeen Catch Themes WordPress plugins that were found to have vulnerabilities. All seventeen were disclosed to the plugin publisher and have been fixed.
Over 300,000 Installations Affected
Many of the seventeen plugins are highly popular.
These are the top 10 most popular Catch Themes plugins, with the number of installations listed next to them.
Ten Most Popular Vulnerable Catch Themes Plugins
- To Top – 80,000 Installations
- Essential Content Types – 50,000 Installations
- Catch IDs – 40,000 Installations
- Catch Web Tools – 20,000 Installations
- Social Gallery and Widget – 20,000 Installations
- Catch Infinite Scroll – 20,000 Installations
- Catch Gallery – 20,000 Installations
- Essential Widgets – 20,000 Installations
- Catch Instagram Feed Gallery & Widget (Social Gallery and Widget) – 20,000 Installations
- Catch Themes Demo Import – 10,000 Installations
Seventeen Vulnerable Catch Themes Plugins
These are the seventeen plugins reported by WPScan to have a vulnerability that was subsequently patched, with the version that carries the fix:
- Essential Widgets – Fixed in version 1.9
- To Top – Fixed in version 2.3
- Header Enhancement – Fixed in version 1.5
- Generate Child Theme – Fixed in version 1.6
- Essential Content Types – Fixed in version 1.9
- Catch Web Tools – Fixed in version 2.7
- Catch Under Construction – Fixed in version 1.4
- Catch Themes Demo Import – Fixed in version 1.6 (the separate file upload issue reported by Wordfence requires version 1.8)
- Catch Sticky Menu – Fixed in version 1.7
- Catch Scroll Progress Bar – Fixed in version 1.6
- Catch Instagram Feed Gallery & Widget (Social Gallery and Widget) – Fixed in version 2.3
- Catch Infinite Scroll – Fixed in version 1.9
- Catch Import Export – Fixed in version 1.9
- Catch Gallery – Fixed in version 1.7
- Catch Duplicate Switcher – Fixed in version 1.6
- Catch Breadcrumb – Fixed in version 1.7
- Catch IDs – Fixed in version 2.4
Users Recommended to Update to the Latest Plugin Versions
Publishers who use any of the affected Catch Themes plugins should upgrade to the latest versions now available rather than keep running the vulnerable releases.
Sites that do not update remain needlessly exposed to compromise.
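A practical way to act on the list above is to compare the versions actually installed on a site against the fixed versions, rather than eyeballing the plugins screen. The following is an added check, not part of either advisory, meant to be run with WP-CLI as `wp eval-file check-catch-plugins.php` from the site root. It matches on the Name field of each plugin's header, so the assumption is that the installed plugins report the same names WPScan used; a plugin whose header name differs will simply not be matched and should be checked by hand.

```php
<?php
/*
 * Added example: report installed Catch Themes plugins still below the fixed
 * version. Run with: wp eval-file check-catch-plugins.php
 * The fixed-version map is the list from the advisory; for Catch Themes Demo
 * Import the higher Wordfence threshold (1.8) is used. Matching by header
 * Name is an assumption about how the plugins identify themselves.
 */
if ( ! function_exists( 'get_plugins' ) ) {
    require_once ABSPATH . 'wp-admin/includes/plugin.php';
}

$fixed_in = array(
    'Essential Widgets'                                                 => '1.9',
    'To Top'                                                            => '2.3',
    'Header Enhancement'                                                => '1.5',
    'Generate Child Theme'                                              => '1.6',
    'Essential Content Types'                                           => '1.9',
    'Catch Web Tools'                                                   => '2.7',
    'Catch Under Construction'                                          => '1.4',
    'Catch Themes Demo Import'                                          => '1.8', // Wordfence: 1.8 > WPScan's 1.6
    'Catch Sticky Menu'                                                 => '1.7',
    'Catch Scroll Progress Bar'                                         => '1.6',
    'Catch Instagram Feed Gallery & Widget (Social Gallery and Widget)' => '2.3',
    'Catch Infinite Scroll'                                             => '1.9',
    'Catch Import Export'                                               => '1.9',
    'Catch Gallery'                                                     => '1.7',
    'Catch Duplicate Switcher'                                          => '1.6',
    'Catch Breadcrumb'                                                  => '1.7',
    'Catch IDs'                                                         => '2.4',
);

/**
 * Return one report line per installed plugin from the map, flagging those
 * whose installed version is below the fixed version. Inactive plugins are
 * still reported: they are not exploitable while inactive, but will be the
 * moment someone activates them.
 */
function catch_plugin_findings( array $installed, array $fixed_in ) {
    $lines = array();
    foreach ( $installed as $plugin_file => $meta ) {
        if ( ! isset( $fixed_in[ $meta['Name'] ] ) ) {
            continue;
        }
        $needs_update = version_compare( $meta['Version'], $fixed_in[ $meta['Name'] ], '<' );
        $lines[]      = sprintf(
            '%-10s %-8s %-68s installed %-7s fixed in %s',
            $needs_update ? 'VULNERABLE' : 'ok',
            is_plugin_active( $plugin_file ) ? 'active' : 'inactive',
            $meta['Name'],
            $meta['Version'],
            $fixed_in[ $meta['Name'] ]
        );
    }
    return $lines;
}

$findings = catch_plugin_findings( get_plugins(), $fixed_in );
echo $findings
    ? implode( "\n", $findings ) . "\n"
    : "No Catch Themes plugins from the advisory are installed.\n";
```

version_compare() handles the three-part and two-part version strings WordPress plugins use, so "1.10" correctly sorts above "1.9"; a plain string comparison would get that wrong and is the usual mistake in hand-rolled version checks.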
Citations
Read the WPScan Advisory on Catch Themes Plugins
Multiple Plugins from CatchThemes – Unauthorised Plugin’s Setting Change
Wordfence Advisory on Catch Themes Plugin
Catch Themes Demo Import <= 1.7 Admin+ Arbitrary File Upload
National Vulnerability Database Catch Themes Plugins Advisories
Catch Themes Demo Import WordPress plugin vulnerability CVE-2021-39352 Detail
National Vulnerability Database Listing of Multiple Catch Themes Plugins Vulnerabilities