Wordpress security

Critical CSRF to RCE Vulnerability in WordPress Code Snippets Plugin

January 29, 2020 by Oliver Sild


The Code Snippets WordPress plugin has over 200,000 active installations. Another security vendor published details of a high-severity flaw that allowed anybody to forge a request on behalf of an administrator and potentially inject malicious code into a vulnerable website.

Vulnerability: Critical CSRF to RCE
Vulnerable version: fixed in version 2.14.0
Number of sites affected: 200 000+

This issue could lead to complete site takeover. Vulnerabilities of such magnitude are quickly targeted by adversaries, so you should update to the patched version immediately!

The vulnerability affects all versions of the Code Snippets WordPress plugin lower than 2.13.3. A patch has been released and the vulnerability is fixed in version 2.14.0.

Import function missed CSRF protection

Cross-site request forgery (CSRF) is an attack in which unauthorized commands are transmitted on behalf of a user that the web application trusts. Without CSRF protection, the website administrator can be tricked into creating an admin account for the attacker, or the attacker could infect users, steal sensitive data and more.

Code snippets could be enabled during import

Even though code snippets were set to be disabled by default during import, this default could easily be bypassed by modifying the JSON body containing the code import details.

This escalates the severity of the issue, since the attacker could inject malicious code that is executed whenever someone visits the site.
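As an added illustration (not the plugin's own code and not from the original post), here is a hypothetical WordPress import handler in the shape the two sections above describe: first without CSRF protection and honouring an `active` flag taken from the uploaded JSON, then hardened with a capability check, a nonce check, and imported snippets forced to be inactive. The function names, the `snippets` upload field and the `demo_snippets` option are assumptions.

```php
<?php
// Hypothetical vulnerable handler (assumption: snippets are stored by a
// save_snippet() helper and the upload is a JSON array of snippet objects).
function vulnerable_import_snippets() {
    // No nonce check: any site a logged-in admin visits can submit this form on their behalf.
    $data = json_decode( file_get_contents( $_FILES['snippets']['tmp_name'] ), true );
    foreach ( $data as $snippet ) {
        // 'active' comes from the attacker-controlled JSON, so "disabled by default" is bypassed.
        save_snippet( $snippet['code'], ! empty( $snippet['active'] ) );
    }
}

// Hardened handler.
function hardened_import_snippets() {
    // 1. Capability check: only users allowed to manage the site may import code.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // 2. CSRF protection: the form must carry a nonce minted by
    //    wp_nonce_field( 'import_snippets', 'import_snippets_nonce' ).
    check_admin_referer( 'import_snippets', 'import_snippets_nonce' );

    if ( empty( $_FILES['snippets']['tmp_name'] ) ) {
        wp_die( 'No file uploaded.', 400 );
    }
    $data = json_decode( file_get_contents( $_FILES['snippets']['tmp_name'] ), true );
    if ( ! is_array( $data ) ) {
        wp_die( 'Invalid import file.', 400 );
    }
    foreach ( $data as $snippet ) {
        if ( ! isset( $snippet['code'] ) || ! is_string( $snippet['code'] ) ) {
            continue;
        }
        // 3. Ignore the 'active' field entirely: imported code is always stored disabled
        //    and must be enabled through a separate, nonce-protected admin action.
        save_snippet( $snippet['code'], false );
    }
}

// Assumed storage helper; a real plugin would write to its own table or option.
function save_snippet( $code, $active ) {
    $snippets   = get_option( 'demo_snippets', array() );
    $snippets[] = array( 'code' => $code, 'active' => (bool) $active );
    update_option( 'demo_snippets', $snippets );
}
```

The nonce binds the request to a form the administrator actually loaded, so a forged cross-site POST fails `check_admin_referer()` before any snippet is stored.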

Timeline of the Code Snippets vulnerability

January 23rd, 2020 – Vulnerability initially discovered and analyzed by another security vendor. Initial contact with the developer.
January 24th, 2020 – Developer confirms details and begins working on the patch.
January 25th, 2020 – Patch released.
January 29th, 2020 – Public vulnerability disclosure.
January 29th, 2020 – Firewall rules updated for WebARX customers.


We continue to closely monitor the vulnerability and will update the article over time with potential IOCs and important threat information. Read more about recent WordPress vulnerabilities here.

If you wish to stay updated about the vulnerabilities via social media, consider joining our Facebook community and follow us on Twitter.
