Critical Vulnerability in miniOrange Social Login WordPress Plugin Exposes User Accounts
June 29, 2023
A severe security flaw in the Social Login and Register plugin for WordPress, developed by miniOrange, has been disclosed. The vulnerability, tracked as CVE-2023-2982 with a CVSS score of 9.8, could allow a malicious actor to log in as any user, provided they know the user's email address. It affects all versions of the plugin up to and including 7.6.4. The issue was fixed on June 14, 2023, with the release of version 7.6.5, following a responsible disclosure on June 2, 2023.
As stated by Wordfence researcher István Márton, 'The vulnerability makes it possible for an unauthenticated attacker to gain access to any account on a site including accounts used to administer the site, if the attacker knows, or can find, the associated email address.' The root cause is that the encryption key used to protect information during a social media login is hard-coded in the plugin rather than generated per site. Because the key is fixed and known, an attacker can produce a valid login request containing a correctly encrypted email address, which is the value the plugin uses to identify the user. If the account in question belongs to a WordPress site administrator, the result is a total compromise of the site. The plugin is currently in use on over 30,000 sites.
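The defect described above is a login assertion protected only by a key that ships in the plugin source. The following is an added illustration, not code from the miniOrange plugin, of how such a social-login callback token can be issued and verified instead: a per-installation secret (assumed to be generated with random_bytes() at activation and stored outside the code, for example in a WordPress option), an HMAC over the claims rather than reversible encryption, an expiry, and a single-use nonce.

```php
<?php
// Added example, not the plugin's code. Demonstrates a login assertion that is
// authenticated with a per-site secret instead of encrypted with a hard-coded key.
// $siteSecret is assumed to be 32 random bytes generated once per installation and
// stored in the database (e.g. a WordPress option), never in a source file.

function sl_issue_token(string $email, string $siteSecret, int $now, int $ttl = 300): string {
    $payload = json_encode([
        'email' => $email,
        'nonce' => bin2hex(random_bytes(16)), // single-use: persist it and reject replays
        'exp'   => $now + $ttl,               // short lifetime bounds any captured token
    ]);
    // HMAC-SHA256 binds the claims to this site's secret; raw output is 32 bytes.
    $sig = hash_hmac('sha256', $payload, $siteSecret, true);
    return base64_encode($payload . $sig);
}

// Returns the asserted email on success, or null if the token is not trustworthy.
function sl_verify_token(string $token, string $siteSecret, int $now): ?string {
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) <= 32) {
        return null;
    }
    $payload  = substr($raw, 0, -32);
    $sig      = substr($raw, -32);
    $expected = hash_hmac('sha256', $payload, $siteSecret, true);
    if (!hash_equals($expected, $sig)) {   // constant-time comparison
        return null;
    }
    $claims = json_decode($payload, true);
    if (!is_array($claims) || !isset($claims['email'], $claims['exp'], $claims['nonce'])) {
        return null;
    }
    if ((int) $claims['exp'] < $now) {     // expired assertion
        return null;
    }
    // The caller must still reject a nonce it has already accepted, and should only
    // trust 'email' if it matches what the identity provider returned server-side.
    return $claims['email'];
}

// Constructed sample usage with a throwaway secret.
$secret = random_bytes(32);
$token  = sl_issue_token('admin@example.com', $secret, time());
var_dump(sl_verify_token($token, $secret, time()));         // string: the email
var_dump(sl_verify_token($token, random_bytes(32), time())); // NULL: wrong site secret
```

Because the secret differs per installation and is never in the plugin package, knowing a user's email address no longer lets anyone mint a valid assertion; a leaked secret on one site also does not affect others and can be rotated by regenerating the option.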
This disclosure follows the recent discovery of a high-risk flaw affecting the LearnDash LMS plugin, another WordPress plugin with over 100,000 active installations. That flaw, tracked as CVE-2023-3105 with a CVSS score of 8.8, could allow any user with an existing account to reset arbitrary users' passwords, including those of administrators. The bug was fixed in version 188.8.131.52, released on June 6, 2023.
Moreover, just a few weeks ago, Patchstack reported a cross-site request forgery (CSRF) vulnerability in the UpdraftPlus plugin, tracked as CVE-2023-32960 (CVSS score: 7.1). This vulnerability could enable an unauthenticated attacker to steal sensitive data and gain elevated privileges by tricking a user with administrative permissions into visiting a specially crafted WordPress site URL.