CVE-2022-2983 The Salat Times WordPress plugin 3.2.2 has security issues because it doesn't sanitize its settings and can be exploited to do Cross-Site Scripting attacks.

If you use this plugin on a website with high traffic or that has a high number of user registrations, this vulnerability could be exploited by remote attackers to hijack the administrator account and gain access to other areas of your site, such as installing other plugins, changing settings, adding new users, etc.

Salat Times WP Plugin 3.2.2 - Remote Code Execution Vulnerability Salat Times WP Plugin before 3.2.2 is vulnerable to a remote code execution vulnerability when it fails to properly validate user-inputted dates before printing them on the screen. This results in a malicious user being able to inject PHP code into the admin area of your website.

Salat Times WP Plugin 3.2.2 - Unauthenticated Remote Code Execution Vulnerability Salat Times WP Plugin before 3.2.2 is vulnerable to an unauthenticated remote code execution vulnerability in the 'Export Data' feature. This results in a malicious user being able to inject PHP code into the admin area of your website.

How do I know if I am affected?

If you use this plugin on a website with high traffic or that has a high number of user registrations, this vulnerability could be exploited by remote attackers to hijack the administrator account and gain access to other areas of your site, such as installing other plugins, changing settings, adding new users, etc.

The above is an excerpt from a blog post on the importance of security.

How to check if you’re vulnerable?

If you use this plugin on a website with high traffic or that has a high number of user registrations, this vulnerability could be exploited by remote attackers to hijack the administrator account and gain access to other areas of your site, such as installing other plugins, changing settings, adding new users, etc.

To find out if you're vulnerable:
1. Log into your WordPress admin area.
2. Go to Settings > Salat Times WP Plugin.
3. Scroll down to 'Export Data' and click it.
4. If there is no form of authentication set, then the page will have a login link similar to this one: "Login with your WordPress username and password."
5. If your site's admin area doesn't have a login link like the one above, but does have "Forgot Password?" links for logged-in users on the same page, then you are not susceptible to this vulnerability because you are using authentication for the "Forgot Password?" link.

Timeline

Published on: 11/28/2022 14:15:00 UTC
Last modified on: 11/30/2022 03:40:00 UTC

References