
Security flaw in WordPress Nextend Social Plugins

Bugsec Group security researcher Liran Segal discovered a security flaw in the WordPress Nextend Social plugins during one of our recent penetration tests.

The vulnerability (CVE-2015-4413) exists in:

  • “Nextend Facebook Connect 1.5.4”
  • “Nextend Twitter Connect 1.5.1”
  • “Nextend Google Connect 1.5.1”

The security flaw allows execution of arbitrary JavaScript in the context of the user’s browser (Cross Site Scripting).


The vulnerability is caused by a function that outputs its input without escaping it, which allows dangerous symbols through. When an attacker injects JavaScript code into the URL, the function writes it into the page unescaped and the code runs.


To fix this security flaw, you need to add the “htmlentities” function (http://php.net/htmlentities), as you can see in the image:

[Image: LiranXss3]
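The fix pattern described above, as an added PHP example; it is not the plugin's code and not part of the original post. The function names, the "redirect" parameter and the hidden form field are hypothetical, and the sample input is constructed.

```php
<?php
// Added illustration; NOT the Nextend plugin source.
// Function names and the 'redirect' parameter are hypothetical.

// Vulnerable pattern: a request value is written into HTML without escaping.
function render_redirect_field_unsafe(array $query): string {
    $redirect = $query['redirect'] ?? '';
    return '<input type="hidden" name="redirect" value="' . $redirect . '">';
}

// Fixed pattern: htmlentities() turns <, >, & and quotes into entities, so the
// value stays inside the attribute. ENT_QUOTES and the charset are passed
// explicitly because before PHP 8.1 the default flags left single quotes
// unescaped, which matters for attributes delimited with '.
function render_redirect_field_safe(array $query): string {
    $redirect = htmlentities($query['redirect'] ?? '', ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="redirect" value="' . $redirect . '">';
}

// Counts tag openers in the rendered markup. The template emits exactly one
// element, so any other count means the input changed the page structure.
function count_tag_openers(string $html): int {
    return preg_match_all('/<[a-z!\/]/i', $html);
}

// Constructed sample input: closes the attribute and opens a new element.
$query = ['redirect' => '"><script>alert(1)</script>'];

foreach (['unsafe' => 'render_redirect_field_unsafe',
          'safe'   => 'render_redirect_field_safe'] as $label => $render) {
    $html = $render($query);
    $tags = count_tag_openers($html);
    printf("%-6s tags=%d %s\n        %s\n",
        $label,
        $tags,
        $tags === 1 ? 'OK (single element)' : 'INJECTED MARKUP',
        $html);
}
```

The tag-count check can double as a regression test for any template that echoes request data: render it with a value containing quotes and angle brackets and confirm the element count does not change.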

We disclosed the full details of the flaw to Nextend Social Plugins on 07.06.2015.

The writer is a senior penetration tester of Bugsec Security.

Bugsec security group is a leading offensive security company located in Israel and focusing on penetration testing, cyber simulations and more. We have experience testing dozens of security tools and applications. Our team consists of more than 40 experienced hackers working with many major enterprises.