WordPress GDPR Plug-in Contains Privilege Escalation Flaw

The WP GDPR Compliance plug-in for WordPress contains a critical flaw (CVE-2018-19207) that allows unauthenticated users to escalate privileges and obtain administrative access. The plug-in registers an AJAX handler, reached through WordPress's wp-admin/admin-ajax.php, that does not check the requester's capabilities, so an unauthenticated request can invoke arbitrary plug-in actions, including updating site options in the database. In the attacks Wordfence reported, threat actors enabled public user registration and set the default role for new accounts to administrator, then registered themselves an administrator user. With administrative rights, threat actors can delete other user accounts, install backdoors to maintain persistence, and use the compromised site to spread malware or redirect traffic to malicious webpages. The plug-in's developer patched the vulnerability in release 1.4.3, but over 100,000 sites run the plug-in and remain at risk until the update is applied. The NJCCIC highly recommends that WordPress administrators install the latest version of the plug-in, confirm that user registration and the default new-user role have not been changed, audit the list of administrator accounts, and review the Wordfence blog post for more technical details and indicators of compromise (IOCs).
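The following triage helper is an added example for this advisory, not code from NJCCIC, Wordfence, or the plug-in. It checks the two things a responder would look at first: whether the installed plug-in version predates the 1.4.3 fix, and whether the `users_can_register` and `default_role` options show the post-exploitation pattern described above. It assumes the standard WordPress plug-in header format (`Version:` line) and takes the options as a plain dictionary, which you would populate from `wp_options` (for example via `wp option get users_can_register`); the sample header and options below are constructed for illustration.

```python
"""Triage helper for the WP GDPR Compliance advisory (added example, not
NJCCIC, Wordfence or plug-in code).

Assumptions not taken from the advisory:
  * the plug-in's main file carries a standard WordPress "Version:" header;
  * the options of interest are the WordPress core options
    `users_can_register` and `default_role`, which Wordfence reported being
    changed by attackers after exploitation.
"""
import re

# First release the advisory identifies as fixed.
PATCHED = (1, 4, 3)


def parse_version(header_text):
    """Return the plug-in's Version: header as a tuple of ints, or None.

    Accepts both the bare "Version: 1.4.2" form and the " * Version: 1.4.2"
    form used inside block comments.
    """
    m = re.search(r"^\s*\*?\s*Version:\s*([\d.]+)", header_text, re.MULTILINE)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).strip(".").split("."))


def is_vulnerable(version):
    """True when the parsed version is older than the patched release."""
    return version is not None and version < PATCHED


def suspicious_options(options):
    """Flag the open-registration / admin-default-role pattern.

    `options` maps option_name -> option_value as stored in wp_options
    (values are strings there, so "1" rather than 1).
    """
    findings = []
    if str(options.get("users_can_register", "0")) == "1":
        findings.append("users_can_register=1 (public registration enabled)")
    if options.get("default_role") == "administrator":
        findings.append("default_role=administrator (new accounts become admins)")
    return findings


def triage(plugin_header, options):
    """Combine the version check and the option IOCs into one verdict."""
    version = parse_version(plugin_header)
    return {
        "version": version,
        "vulnerable": is_vulnerable(version),
        "iocs": suspicious_options(options),
    }


# Constructed sample input: an unpatched plug-in header and options that
# look as they would after the attack described in the advisory.
SAMPLE_HEADER = """<?php
/*
Plugin Name: WP GDPR Compliance
Version: 1.4.2
*/
"""
SAMPLE_OPTIONS = {"users_can_register": "1", "default_role": "administrator"}

if __name__ == "__main__":
    result = triage(SAMPLE_HEADER, SAMPLE_OPTIONS)
    print("installed version:", ".".join(map(str, result["version"])))
    print("vulnerable:", result["vulnerable"])
    for ioc in result["iocs"]:
        print("IOC:", ioc)
```

A clean result (patched version, no IOCs) does not prove the site was never exploited: an attacker who already created an administrator account or dropped a backdoor may have restored the options afterwards, so the account and file-system review the advisory recommends still applies.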

Advisory | NJCCIC | WordPress, Plugins