Two vital safety vulnerabilities within the widespread Woffice WordPress theme that might permit attackers to achieve unauthorized management or entry have been patched.
The Woffice theme, a premium product developed by Xtendify with over 15,000 gross sales, supplies staff and mission administration performance for WordPress.
In response to a report by Patchstack, the primary vulnerability is a privilege escalation flaw that allows unauthenticated customers to register as any function, together with administrator. This might permit attackers to achieve full management of an affected web site. The second allows unauthenticated account takeover (ATO), permitting attackers to log in as any current consumer, together with the positioning administrator.
Each points have been discovered within the theme’s customized login and registration performance.
Woffice Customers Suggested to Patch Now
Patches for these vulnerabilities have now been launched.
To handle the privilege escalation challenge, the builders applied a denylist to forestall unauthorized function registration and explicitly block administrator roles. For the account takeover vulnerability, they utterly eliminated the flawed register_redirect() operate that allowed unauthorized logins.
These patches have been launched in phases. Model 5.4.12 mounted the privilege escalation vulnerability, whereas model 5.4.15 addressed the account takeover flaw. The ultimate patch was launched on November 18 2024, after thorough testing and validation.
Learn extra on vulnerabilities affecting WordPress web sites: Essential LiteSpeed Cache Plugin Flaw Exposes WordPress Websites
Woffice customers ought to replace to model 5.4.15 instantly to safe their websites. Failing to replace may depart web sites susceptible to full takeovers or malicious server code installations.
“The vulnerabilities mentioned right here spotlight the significance of safe registration,” Patchstack warned. “Directors, fairly, have a really impactful quantity of energy relating to management over a WordPress web site – permitting unknown customers this stage of privilege might be extraordinarily harmful.”
The corporate additionally suggested builders to undertake strict function validation and authentication measures to keep away from comparable vulnerabilities in customized login and registration programs. These safeguards are important for sustaining a safe WordPress atmosphere.
Picture credit score: Wirestock Creators / Shutterstock.com
