In Mid-September, security researchers at Wordfence (Defiant) uncovered two severe vulnerabilities in Post Grid. Post Grid is a WordPress plugin with more than 60,000 installations, developed by PickPlugins.
During the analysis, the team discovered almost identical vulnerabilities in Team Showcase, another plugin developed by the same author. Team Showcase has over 6,000 installations.
The good news is that the plugin developers released patches only a few hours after disclosing the flaws.
Post Grid and Team Showcase Plugin Vulnerabilities
The first plugin allows users to display their posts in a grid layout, whereas Team Showcase displays an organization’s team members. Both plugins permitted the import of custom layouts, with nearly identical functionalities. Even though Post Grid didn’t use the vulnerable import function, it still contained the flawed code, making it vulnerable.
A logged-in attacker could exploit both plugins with minimal permissions in Stored Cross-Site Scripting (XSS) attacks. The exploit could be done by sending a specific AJAX request.
Affected versions are Post Grid < 2.0.73 and Team Showcase < 1.22.16. The other vulnerabilities affecting both plugins could trigger PHP Object injection. The same layout functions posed the risk of PHP Object injection via the same method used in the cross-site scripting attack. This was possible thanks to the vulnerable functions, which unserialized the payload supplied in the source parameter. This flaw also required an attacker to have minimal privileges, such as a subscriber lever. “However, sites using a plugin or theme that allowed unauthenticated visitors to execute arbitrary shortcodes would be vulnerable to unauthenticated attackers,” Wordfence says.
How to stay protected?
If your WordPress site uses either of these plugins, you should update to the latest versions immediately. Currently, the latest Post Grid version is 2.0.73, whereas the newest version of Team Showcase is 1.22.16.
If you need more technical details about the flaws, you can refer to the original findings.