CMSの脆弱性情報 | 「街のIT三河屋さん」オフィスくまさん

2021年2月15日〜3月15日迄の間に1件3つの脆弱性が公表されています。

JVN#66542874
2021/02/24
Movable Type
複数のクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN66542874/

ちなみにWordPressに関してJVNに上がっていない情報も仕入れたので貼っておきます。こちらは2021年2月分になります。

WordPress Plugin Vulnerabilities

Under Construction, Coming Soon & Maintenance Mode < 1.1.2 - Server Side Request Forgery (SSRF)
Under Construction, Coming Soon & Maintenance Mode < 1.1.2 - Reflected Cross-Site Scripting (XSS)
NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS)
Web-Stat < 1.4.1 - API Key Disclosure
Photo Gallery by 10web < 1.5.69 - Reflected Cross-Site Scripting (XSS)
YITH WooCommerce Gift Cards Premium < 3.3.1 - RCE via Arbitrary File Upload
QuadMenu < 2.0.7 - Unauthenticated RCE via compiler_save
WP Content Plus < 3.2 - CSRF Nonce Bypass
Testimonial Rotator <= 3.0.3 - Authenticated Stored Cross-Site Scripting
Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload
eCommerce Product Catalog < 3.0.18 - CSRF Nonce Bypass
Better Search < 2.5.3 - CSRF Nonce Bypass in Import/Export
Process Steps Template Designer < 1.3 - CSRF to Stored Cross-Site Scripting (XSS)
Custom Banners < 3.3 - CSRF Nonce Bypass in saveCustomFields
Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection
Ninja Forms < 3.4.34 - Administrator Open Redirect
Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure
Ninja Forms < 3.4.34 - Authenticated SendWP Plugin Installation and Client Secret Key Disclosure
Zebra_Form Library <= 2.9.8 - Reflected Cross-Site Scripting (XSS)
Theme Editor < 2.6 - Authenticated Arbitrary File Download
Post SMTP Mailer/Email Log < 2.0.21 - CSRF Nonce Bypass
All In One WP Security & Firewall < 4.4.6 - Authenticated Cross-Site Scripting (XSS)
Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload
Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload
Responsive Menu < 4.0.4 - CSRF to Settings Update
Map Block for Google Maps < 1.32 - Unauthorised Google API Key change
NextGen Gallery < 3.5.0 - CSRF allows File Upload
NextGen Gallery < 3.5.0 - CSRF allows File Upload, Stored XSS, and RCE
Ultimate Maps by Supsystic < 1.1.17 - Authenticated SQL Injections
Pricing Table by Supsystic < 1.8.9 - Authenticated SQL Injections
Pricing Table by Supsystic < 1.9.0 - Authenticated Stored Cross-Site Scripting
Newsletter by Supsystic <= 1.5.6 - Authenticated SQL Injection
Membership by Supsystic <= 1.5.0 - Authenticated SQL Injection
Digital Publications by Supsystic <= 1.6.11 - Authenticated Stored Cross-Site Scripting (XSS)
Digital Publications by Supsystic < 1.6.12 - Authenticated Path Traversal
Data Tables Generator by Supsystic < 1.10.0 - Authenticated SQL Injection
Data Tables Generator by Supsystic < 1.10.1 - Authenticated Stored Cross-Site Scripting (XSS)
Contact Form by Supsystic < 1.7.11 - Authenticated SQL Injections
Contact Form by Supsystic < 1.7.7 - Authenticated Stored Cross-Site Scripting (XSS)
Backup by Supsystic <= 2.3.9 - Authenticated Arbitrary File Download and Deletion
WP Amour < 1.5.7 - Authenticated Stored Cross-Site Scripting (XSS)
Welcart e-Commerce < 2.1.1 - Authenticated SQL Injection
Paid Membership Pro < 2.5.3 - Unauthorised Order Information Disclosure
Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF
Ultimate GDPR & CCPA Compliance Toolkit < 2.5 - Unauthenticated Plugin Settings Export and Import
Name Directory < 1.18 - Cross-Site Request Forgery (CSRF)
Contact Form 7 Style <= 3.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Photo Gallery by 10Web < 1.5.68 - Cross-Site Scripting (XSS)
Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS)
MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple
WP Editor < 1.2.7 - Authenticated SQL injection
Ivory Search < 4.5.11 - Authenticated Reflected Cross-Site Scripting (XSS)

WordPress Theme Vulnerabilities

Wyzi < 2.4.3 - Reflected Cross-Site Scripting (XSS)

結構ありますね。日々、アップデートが来ていないかの確認は必要かと思います。

前回の情報はこちら。