Wordpress security

WordPress Plugin ‘Simple Social Buttons’ Critical Security Bug

Updated: October 29, 2019 by Oliver Sild

Finding security vulnerabilities is an important part of securing our client’s sites and improving our managed web application firewall. That is why WebARX is analyzing WordPress plugins for security issues and reporting them to competent developers or organizations.

While doing research we found a vulnerability in popular WordPress plugin Simple Social Buttons which allows non-admin users to modify WordPress installation options.

Are your WordPress plugins vulnerable?

Check now for free
website firewall webarx website security

Software Overview

WordPress plugin Simple Social Buttons is a popular free and paid plugin that brings the ability to add social media sharing buttons on the sidebar, inline, above and below the content of the post, on photos, popups, fly-ins.

The plugin has over 40,000+ active installations according to WordPress Plugin repository and over 500,000 downloads according to plugin vendor WPBrigade.

Vulnerability Description

Improper application design flow, chained with lack of permission check resulted in privilege escalation and unauthorized actions in WordPress installation allowing non-admin users, even subscriber user type to modify WordPress installation options from the wp_options table.

As can be seen from the screenshot, a function would iterate through JSON object provided in the request and update all options with option_name from object key and option_value from a key value without checking whether the current user has permission to manage options or provided option_name belongs to that plugin.

Conclusion

If your website uses the WordPress plugin “Simple Social Buttons“, you should update it to the latest version as soon as possible. A described vulnerability affects plugin versions from 2.0.4 and before version 2.0.22 in which developers introduced patch.

The vulnerability was discovered and reported on  Feb 7, 2019, and a patched version was released just a day after, on Feb 8, 2019. WebARX users are safe as rules have been shipped to the firewall on the day of discovery. Even if you’re a WebARX user, please make sure to update the plugin ASAP.

Start your 7-day free trial now.

Start for free
Wordpress security

Secure your websites like an expert - in under 3 minutes.

Try WebARX For Free

Get latest vulnerabilities directly to your inbox

30 000+ developers already benefit from our weekly newsletters.

suggested articles

Wordpress security

Securing WordPress Plugins from Attacker’s Perspective

We analysed more than 20,000 plugins

Oliver
Sild

Wordpress security
Wordpress security

Security risk on AMP for WP – Accelerated Mobile Pages Plugin

Security advisory

Oliver
Sild

Wordpress security
Wordpress security

Comprehensive WordPress Malware Removal Guide

WordPress malware removal

Oliver
Sild

Wordpress security
WebARX Product

How To Generate a Website Security Report?

New feature release

Agnes
Talalaev

WebARX Product

Start your free 7-day trial now

Protect your websites from malicious traffic - set-up in under 3 minutes.

Try it now

WebARX is compatible with the following platforms:

PHP
WordPress
Magento
Drupal
Joomla