WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

Themes Vulnerabilities

Multiple Themes - Unauthenticated Function Injection

Description

Jerome Bruandet, from nintechnet, discovered numerous themes affected by Unauthenticated Function Injection issues, due to the lack of capability and CSRF nonce checks in AJAX actions.

The naturemag-lite theme partially fixed the issues in v1.0.5, however it has been removed from the WordPress repository.

Three of the themes, Brilliance, Activello and Newspaper X were also affected by an Unauthenticated Plugin Activation/Deactivation issue.

Affects Themes

shapely
Fixed in version 1.2.9
newsmag
Fixed in version 2.4.2
activello
Fixed in version 1.4.2
illdy
Fixed in version 2.1.7
allegiant
Fixed in version 1.2.6
newspaper-x
Fixed in version 1.3.2
pixova-lite
Fixed in version 2.0.7
brilliance
Fixed in version 1.3.0
medzone-lite
Fixed in version 1.2.6
regina-lite
Fixed in version 2.0.6

References

URL
https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-fixed-in-15-wordpress-themes/
URL
https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/
URL
https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-sparkling-theme/

Classification

Type

INJECTION

OWASP top 10
A1: Injection

Miscellaneous

Original Researcher

Jerome Bruandet (nintechnet)

Verified

No

WPVDB ID
bec52a5b-c892-4763-a962-05da7100eca5

Timeline

Publicly Published

2020-10-01 (about 2 years ago)

Added

2020-10-01 (about 2 years ago)

Last Updated

2022-04-08 (about 11 months ago)

Our Other Services

WPScan WordPress Security Plugin