Admins who use the Facebook for WordPress plugin should update it right away. Researchers discovered two serious security flaws in the plugin, putting thousands of websites at risk. Both bugs are patched in the most recent version of the plugin.
Security Vulnerabilities
Wordfence recently released information about two different flaws in the Facebook for WordPress plugin. There are currently over 500,000 active installations of the plugin. As a result, these flaws put a large number of websites at risk.
In a nutshell, one of these is a critical security flaw with a CVSS score of 9.0. According to the researchers, it is a PHP object injection flaw in the run_action() function. By writing custom scripts to create a legitimate nonce, an attacker could exploit this vulnerability to obtain remote code execution. Wordfence explained the issue by saying:
“This function was intended to deserialize user data from the event_data POST variable so that it could send the data to the pixel console. Unfortunately, this event_data could be supplied by a user. When user-supplied input is deserialized in PHP, users can supply PHP objects that can trigger magic methods and execute actions that can be used for malicious purposes.”
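As an added illustration (not the plugin's own code), here is the unsafe pattern Wordfence describes, handling a user-supplied event_data POST value with unserialize(), beside a hardened handler that verifies a nonce and capability and parses the value as JSON so no PHP object can ever be instantiated. The function names and the nonce action string are assumptions made for this example.

```php
<?php
// Added example, not code from the Facebook for WordPress plugin.
// Function names and the 'fbwp_event_data' nonce action are assumptions.

// Unsafe: unserialize() on a user-controlled POST value lets the sender
// instantiate any loadable class, so its __wakeup()/__destruct() magic
// methods run on data the server never created (PHP object injection).
function fbwp_event_data_unsafe(array $post)
{
    return unserialize($post['event_data'] ?? '');
}

// Hardened: require a capability and a valid nonce (this also closes the
// CSRF class of bug), then parse the value as JSON, which yields only
// arrays and scalars, never PHP objects.
function fbwp_event_data_safe(array $post): ?array
{
    if (!current_user_can('manage_options')) {
        return null;
    }
    if (!wp_verify_nonce($post['_wpnonce'] ?? '', 'fbwp_event_data')) {
        return null;
    }
    $raw     = wp_unslash($post['event_data'] ?? '');
    $decoded = json_decode($raw, true, 16);
    return is_array($decoded) ? $decoded : null;
}

// Where the serialized format cannot be changed, disable object creation
// entirely: every class becomes __PHP_Incomplete_Class and no magic method
// runs. Scalars and arrays still round-trip normally.
function fbwp_unserialize_no_objects(string $raw)
{
    return unserialize($raw, ['allowed_classes' => false]);
}
```

Detection-wise, a grep for unserialize( over plugin code that reads $_POST, $_GET or $_REQUEST is a cheap way to find this pattern before it is reported.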
The second vulnerability, which Wordfence described as a Cross-Site Request Forgery (CSRF) flaw, appeared in a later version of the plugin. With a CVSS score of 8.8, it was rated high severity.
Patches Released
The PHP object injection vulnerability in the plugin was first discovered by Wordfence in December 2020. The developers fixed it in plugin version 3.0.0 after receiving the report.
This patched version, however, introduced the CSRF vulnerability, which the researchers also discovered and reported to the developers. A further update, version 3.0.3, was eventually released to fix the second flaw.
The most recent version of the plugin is 3.0.5, which includes both fixes. All users of this plugin should therefore update to this version.