WordPress Plugins at Risk From a Compromised Polyfill Library

WordPress plugins are currently at serious risk from a recently disclosed supply chain compromise, according to a security advisory issued by Patchstack. Plugin developers need to take precautions to protect their users' websites against attacks. This article gives a brief overview of the disclosed threat, its potential consequences, and possible courses of action.

The Patchstack advisory refers to the Polyfill supply chain attack that was first brought to attention on June 25. The target of the compromise was the Polyfill.js library, which provides modern browser features to older browsers and platforms that lack native support for them. Sansec detected the attack and Patchstack followed up with its advisory; the supply chain attack became possible after the polyfill.io domain was acquired by a little-known Chinese entity named Funnull. The incident illustrates how much risk is carried by third-party scripts loaded from external domains.

After the takeover, the Polyfill.js files served from the domain were found to contain injected code, without the knowledge of the site owners who loaded the library for the modern-feature support described above. The injected code introduced client-side (cross-site scripting) vulnerabilities that, when triggered, put visitors' information at risk and could affect every page that loaded the script. Older, vulnerable versions of plugins that still loaded the script could thereby funnel visitors to fraudulent gambling portals while the code operated in the background, compromising their online presence and privacy.

In its research, Sansec points out that the affected domains were not limited to polyfill.io alone; they also included bootcdn.net and bootcss.com. In other words, the threat is not confined to a single domain but extends to a wider set of hosts. These domains are currently under maintenance or have been deactivated to prevent further harm, but the risk cannot be considered over until you have reviewed every affected part of your project and protected it accordingly. This may sound alarming, but anything that has been identified can also be handled and remediated properly.

Moreover, Patchstack's analysis shows that many WordPress themes and plugins still load scripts from the affected domains, which points to a grim situation. Based on this research, there is a list of problematic plugins that load vulnerable scripts. Among the plugins listed are Amelia, WP User Frontend, and Product Customer List for WooCommerce. The affected versions and the risky scripts they load are outlined in detail in Patchstack's advisory for concerned developers.
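The review the advisory calls for starts with finding every plugin or theme file that still references the affected domains. The following scanner is an added example (not code from the article, Patchstack or Sansec): it matches absolute and protocol-relative URLs whose host is one of the domains named above or a subdomain of them, and the plugin source it scans is a constructed sample.

```python
import re
from pathlib import Path
from urllib.parse import urlsplit

# Domains named in the Sansec/Patchstack reporting on this incident.
COMPROMISED_DOMAINS = ("polyfill.io", "bootcdn.net", "bootcss.com")

# Absolute (http/https) or protocol-relative (//host/...) URLs in HTML, JS or PHP source.
URL_RE = re.compile(r"""(?:https?:)?//[^\s'"<>)]+""", re.IGNORECASE)


def host_of(url: str) -> str:
    """Return the host part of a URL; protocol-relative URLs are treated as https."""
    if url.startswith("//"):
        url = "https:" + url
    return urlsplit(url).hostname or ""


def is_compromised_host(host: str) -> bool:
    """True for an affected domain or any subdomain of it (cdn.polyfill.io),
    but not for look-alikes such as notpolyfill.io or polyfill.io.example.com."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in COMPROMISED_DOMAINS)


def scan_source(text: str, path: str = "<input>") -> list[dict]:
    """Return one finding per compromised URL, with file, line number, host and URL."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for url in URL_RE.findall(line):
            host = host_of(url)
            if is_compromised_host(host):
                findings.append({"file": path, "line": lineno, "host": host, "url": url})
    return findings


def scan_directory(root: str, suffixes=(".php", ".js", ".html", ".htm")) -> list[dict]:
    """Walk a plugin/theme directory (e.g. wp-content/plugins) and scan matching files."""
    findings = []
    for file in Path(root).rglob("*"):
        if file.is_file() and file.suffix.lower() in suffixes:
            findings.extend(scan_source(file.read_text(errors="replace"), str(file)))
    return findings


# Constructed sample of a plugin's enqueue code; not taken from any real plugin.
SAMPLE_PLUGIN_PHP = """<?php
// Constructed sample: two affected hosts, one safe CDN, one look-alike domain.
wp_enqueue_script('poly', 'https://cdn.polyfill.io/v3/polyfill.min.js', [], null, true);
wp_enqueue_style('boot', '//cdn.bootcss.com/bootstrap/4.6.2/css/bootstrap.min.css');
wp_enqueue_script('jq', 'https://cdn.jsdelivr.net/npm/jquery@3/dist/jquery.min.js');
wp_enqueue_script('ok', 'https://notpolyfill.io/lib.js');
"""
```

Running `scan_source(SAMPLE_PLUGIN_PHP)` reports the polyfill.io and bootcss.com references on lines 3 and 4 and nothing else; point `scan_directory()` at a real plugins folder to produce the list of files that need their script sources replaced or removed.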




Copyright 2019 - 2024 sujee.com.au. Your WordPress developer, Chadstone, Melbourne
ABN 52 391 722 102