Disqus Patch Critical Security Flaws in its WordPress Plugins

Disqus, one of the most popular comment and discussion services, used by more than 70 million websites, has fixed several critical security flaws in its WordPress plugin, including a CSRF bug. The vulnerabilities affect all versions of the plugin up to 2.75.

Three vulnerabilities were patched in version 2.76 of the Disqus plugin, and the CSRF flaw was the critical one. The CSRF vulnerability was in the plugin's manage.php module. CSRF flaws are quite common in web applications and plugins and have become a common attack vector.

Vulnerability Explanation
Nik Cubrilovic, the researcher who discovered and reported the Disqus flaws, wrote:
“The parameters disqus_replace, disqus_public_key and disqus_secret_key are being passed to WordPress’s update_option function directly with no filtering. The documentation for update_option says that it will take any value passed to it and store it in the database. It is up to the plugin author to filter and validate variables here, since there are cases where you want to store HTML or other types of raw data.”
In order to exploit the vulnerability, an attacker could set up a malicious site with the exploit code on it and inject it into the user’s browser via CSRF, Cubrilovic said. He said that he had used the exploit in a live penetration test for a client by sending the link in a spear-phishing email to an administrator.

The other two vulnerabilities Cubrilovic discovered were a cross-site scripting (XSS) flaw and one that could be used to reset or delete the options of the Disqus plugin; both are less severe.
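To make the fix concrete, here is an added illustrative sketch (not the Disqus plugin's own code) of an options-save handler in the unfiltered form Cubrilovic describes, next to a hardened version that adds a capability check, a WordPress nonce (which defeats CSRF) and input sanitisation. The function names, the admin page slug and the treatment of disqus_replace as an on/off setting are assumptions; only the three option names come from the page.

```php
<?php
// Added example, not the Disqus plugin's actual code.
// Function names, the 'disqus-example' page slug and the boolean
// treatment of disqus_replace are assumptions for illustration.

// Vulnerable pattern: raw request values go straight into update_option,
// with no nonce check, no capability check and no sanitisation.
function disqus_example_save_options_vulnerable() {
    update_option( 'disqus_replace',    $_POST['disqus_replace'] );
    update_option( 'disqus_public_key', $_POST['disqus_public_key'] );
    update_option( 'disqus_secret_key', $_POST['disqus_secret_key'] );
}

// Hardened pattern, part 1: the settings form carries a nonce field
// tied to a specific action.
function disqus_example_render_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="disqus_example_save">';
    wp_nonce_field( 'disqus_example_save', 'disqus_example_nonce' );
    // ... input fields for disqus_replace, disqus_public_key, disqus_secret_key ...
    echo '<input type="submit" value="Save"></form>';
}

// Hardened pattern, part 2: the handler verifies the caller's capability,
// verifies the nonce (a forged cross-site request cannot supply it),
// and sanitises each value before it reaches update_option.
function disqus_example_save_options_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // Dies with a 403 if the nonce is missing, expired or forged.
    check_admin_referer( 'disqus_example_save', 'disqus_example_nonce' );

    // Assumed: disqus_replace is an on/off setting, so store only '1' or '0'.
    $replace    = isset( $_POST['disqus_replace'] ) ? '1' : '0';
    $public_key = sanitize_text_field( wp_unslash( $_POST['disqus_public_key'] ?? '' ) );
    $secret_key = sanitize_text_field( wp_unslash( $_POST['disqus_secret_key'] ?? '' ) );

    update_option( 'disqus_replace',    $replace );
    update_option( 'disqus_public_key', $public_key );
    update_option( 'disqus_secret_key', $secret_key );

    wp_safe_redirect( admin_url( 'admin.php?page=disqus-example&updated=1' ) );
    exit;
}
add_action( 'admin_post_disqus_example_save', 'disqus_example_save_options_hardened' );
```

sanitize_text_field strips tags and control characters, which also removes the stored-XSS risk of echoing an unfiltered option back into the admin page.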

What to Do Now?
Readers who use the Disqus plugin on their blog or site are advised to update it to patch the vulnerabilities discussed above. WordPress users can update the plugin by signing into their WordPress administrative panel > Disqus Comment System plugin > the drop-down at the top or bottom of the page > click “Update.” Users can also update the plugin manually by overwriting the plugin files in the WordPress plugins directory.
1 comments:

  1. Nice post, thanks very much for the Disqus patch for critical security flaws.
