Possible site takeover through stolen API credentials in combination with SQLi – (BlogVault <= 5.09)

Affected plugin: BlogVault
Active installs: 100,000+
Vulnerable version: <= 5.09
Audited version: 5.09
Fully patched version: 5.16
Recommended remediation: Removal of the plugin

Description


This vulnerability is identical to this one in MalCare, because MalCare and BlogVault share 99% of their codebase.

Proof of concept


Refer to this POC and use “bvbackup” in step 4 instead of “malcare”.

Proposed patch


Refer to this proposed patch.

Timeline


Refer to this timeline.

Miscellaneous

