Over 300,000 Vulnerable WordPress Catch Themes Plugin Installations
Security researchers from WPScan and Wordfence have identified seventeen plugins published by Catch Plugins (a division of Catch Themes, LLC) that contain vulnerabilities. The vulnerabilities are rated high severity and allow any logged-in user to modify plugin settings.
Cross-Site Request Forgery (CSRF)
A missing capability check combined with a cross-site request forgery (CSRF) vulnerability affects 17 plugins released by Catch Themes.
These vulnerabilities allow any logged-in user, even a subscriber, to make changes that are normally reserved for users with the highest privileges, such as the site administrator.
According to WordPress security plugin publisher WPScan:
“Several plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated user, such as a subscriber, to change the plugins’ settings.”
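To make the missing checks concrete, here is an added example (not code from any Catch Themes plugin) of a hypothetical settings-toggle AJAX action written in the style of the ctp_switch action WPScan describes, first without the capability and nonce checks and then with them. The option names, the nonce action name and the script handle are assumptions made for the illustration.

```php
<?php
/**
 * Added example, not code from any Catch Themes plugin: a hypothetical
 * settings-toggle AJAX action in the style of the ctp_switch action WPScan
 * describes. Option names, nonce action name and script handle are assumed.
 */

// VULNERABLE PATTERN (shown for contrast, intentionally not hooked up).
// wp_ajax_* only requires that the caller be logged in. Nothing here asks
// whether that user may change settings, and nothing proves the request was
// intended by the user (no nonce), so a subscriber, or any page that a
// logged-in administrator merely visits, can POST
//   action=ctp_switch&option=catch_example_enabled&value=1
// to wp-admin/admin-ajax.php and flip the option.
function ctp_switch_vulnerable() {
    $option = sanitize_key( $_POST['option'] );
    $value  = (int) $_POST['value'];
    update_option( $option, $value );
    wp_send_json_success();
}

// HARDENED PATTERN
// Allowlist of options this action is permitted to touch (assumed names).
define( 'CTP_EXAMPLE_OPTIONS', array( 'catch_example_enabled', 'catch_example_sticky' ) );

function ctp_switch_hardened() {
    // 1. CSRF: require a nonce bound to this action and the current user.
    //    On failure check_ajax_referer() terminates the request with "-1"/403.
    check_ajax_referer( 'ctp_switch_nonce', 'nonce' );

    // 2. Authorization: settings changes need manage_options, which
    //    subscribers, contributors, authors and editors do not have.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Input validation: only known options, only a boolean value.
    $option = isset( $_POST['option'] ) ? sanitize_key( wp_unslash( $_POST['option'] ) ) : '';
    if ( ! in_array( $option, CTP_EXAMPLE_OPTIONS, true ) ) {
        wp_send_json_error( 'unknown option', 400 );
    }
    $value = empty( $_POST['value'] ) ? 0 : 1;

    update_option( $option, $value );
    wp_send_json_success( array( $option => $value ) );
}
add_action( 'wp_ajax_ctp_switch', 'ctp_switch_hardened' );

// The nonce the hardened handler expects is minted server-side and handed to
// the admin-side script, which sends it back as the "nonce" POST field.
function ctp_example_admin_scripts() {
    wp_enqueue_script( 'ctp-example', plugins_url( 'js/switch.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'ctp-example', 'ctpExample', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'ctp_switch_nonce' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'ctp_example_admin_scripts' );
```

A quick check for a deployed plugin: log in as a subscriber and POST the action to admin-ajax.php with no nonce. A patched handler answers -1 (HTTP 403) or a JSON error; an unpatched one silently changes the option. Note that if a plugin also registers the action on the wp_ajax_nopriv_ hook, the same flaw becomes reachable without logging in at all; WPScan describes the Catch Themes issue as requiring an authenticated user.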
Wordfence Reports Vulnerability in Catch Themes Demo Import WordPress Plugin
Wordfence has also published an advisory on a critical vulnerability discovered in one of these plugins, Catch Themes Demo Import (versions up to and including 1.7).
The Catch Themes Demo Import WordPress plugin was found to have an arbitrary file download vulnerability.
The two published severity ratings differ. Wordfence rated the vulnerability 9.1 out of 10 and described it as critical, while the US government’s National Vulnerability Database lists it at 7.2 (high).
According to Wordfence:
“The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file downloads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation.”
Wordfence recommends upgrading to version 1.8 or newer.
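The following added example (not code from Catch Themes Demo Import, whose internals the advisory does not describe) shows the general arbitrary-file-download class the Wordfence advisory refers to: a hypothetical “download a demo import file” handler that trusts a request-supplied file name, beside a hardened version that confines the path to the import directory and allowlists file types. The directory, action name, query parameters and allowed extensions are assumptions made for the illustration.

```php
<?php
/**
 * Added example, not code from Catch Themes Demo Import: a hypothetical
 * "download a demo import file" handler showing the arbitrary-file-download
 * class Wordfence describes, and a hardened version. Directory, action name,
 * query parameters and the allowed extensions are assumptions.
 */

// VULNERABLE PATTERN (shown for contrast, intentionally not hooked up).
// The file name comes straight from the request and is never checked against
// the directory it is supposed to live in or the file types the importer
// produces, so a generic traversal value such as ../../../wp-config.php
// serves any file the web server account can read.
function ctdi_download_vulnerable() {
    $file = WP_CONTENT_DIR . '/uploads/demo-import/' . $_GET['file'];
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $file ) . '"' );
    readfile( $file );
    exit;
}

// HARDENED PATTERN
// Resolve a requested name to a path, or return false unless it is a plain
// file of an allowed type that really lives inside the import directory.
function ctdi_resolve_import_file( $requested, $base_dir = null ) {
    $base_dir = $base_dir ? $base_dir : WP_CONTENT_DIR . '/uploads/demo-import';
    $base     = realpath( $base_dir );
    if ( false === $base ) {
        return false;
    }
    // A bare file name only: no directory components, no "." or "..".
    if ( '' === $requested || basename( $requested ) !== $requested || in_array( $requested, array( '.', '..' ), true ) ) {
        return false;
    }
    // Type allowlist: the formats the importer is expected to emit (assumed set).
    $ext = strtolower( pathinfo( $requested, PATHINFO_EXTENSION ) );
    if ( ! in_array( $ext, array( 'xml', 'json', 'wie' ), true ) ) {
        return false;
    }
    // realpath() follows symlinks; the resolved target must still sit under $base.
    $path = realpath( $base . DIRECTORY_SEPARATOR . $requested );
    if ( false === $path || ! is_file( $path ) || 0 !== strpos( $path, $base . DIRECTORY_SEPARATOR ) ) {
        return false;
    }
    return $path;
}

function ctdi_download_hardened() {
    // CSRF and authorization first: a nonce in _wpnonce and the import capability.
    check_admin_referer( 'ctdi_download' );
    if ( ! current_user_can( 'import' ) ) {
        wp_die( 'Forbidden', 403 );
    }
    $requested = isset( $_GET['file'] ) ? sanitize_file_name( wp_unslash( $_GET['file'] ) ) : '';
    $path      = ctdi_resolve_import_file( $requested );
    if ( false === $path ) {
        wp_die( 'Invalid file', 400 );
    }
    nocache_headers();
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . basename( $path ) . '"' );
    header( 'Content-Length: ' . filesize( $path ) );
    readfile( $path );
    exit;
}
add_action( 'admin_post_ctdi_download', 'ctdi_download_hardened' );
```

The three checks in ctdi_resolve_import_file() are independent on purpose: the bare-name test stops traversal in the request, the extension allowlist stops the handler from ever serving configuration or PHP source even if a file of that name is placed in the directory, and the realpath() prefix test catches symlinks and any path the first two tests did not anticipate. When auditing a download or export feature, look for a file path built from request input that reaches readfile(), file_get_contents() or fpassthru() without all three.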
Vulnerabilities Discovered in Seventeen Catch Themes WordPress Plugins
WPScan lists seventeen Catch Themes WordPress plugins that were found to be vulnerable. All seventeen were disclosed to the plugin publisher and have been fixed.
More than 300,000 installations affected
Most of the seventeen plugins are very popular.
These are the ten most popular Catch Themes plugins, with the number of active installations listed next to each.
Ten Most Popular Vulnerable Catch Themes Plugins
- To Top – 80,000 installations
- Essential Content Types – 50,000 installations
- Catch IDs – 40,000 installations
- Catch Web Tools – 20,000 installations
- Social Gallery and Widget – 20,000 installations
- Catch Infinite Scroll – 20,000 installations
- Catch Gallery – 20,000 installations
- Essential Widgets – 20,000 installations
- Catch Instagram Feed Gallery & Widget – 20,000 installations
- Catch Themes Demo Import – 10,000 installations
Seventeen Vulnerable Catch Themes Plugins
Here are the seventeen plugins reported by WPScan as having a vulnerability that was subsequently fixed, with the first fixed version of each:
- Essential Widgets – fixed in version 1.9
- To Top – fixed in version 2.3
- Header Enhancement – fixed in version 1.5
- Generate Child Theme – fixed in version 1.6
- Essential Content Types – fixed in version 1.9
- Catch Web Tools – fixed in version 2.7
- Catch Under Construction – fixed in version 1.4
- Catch Themes Demo Import – fixed in version 1.6
- Catch Sticky Menu – fixed in version 1.7
- Catch Scroll Progress Bar – fixed in version 1.6
- Catch Instagram Feed Gallery & Widget – fixed in version 2.3
- Catch Infinite Scroll – fixed in version 1.9
- Catch Import Export – fixed in version 1.9
- Catch Gallery – fixed in version 1.7
- Catch Duplicate Switcher – fixed in version 1.6
- Catch Breadcrumb – fixed in version 1.7
- Catch IDs – fixed in version 2.4
Users are advised to update to the latest versions of the plugins
Site owners running any of the affected Catch Themes plugins should update to the latest available versions now. Note that the Catch Themes Demo Import plugin received two separate fixes: the settings-change issue listed above was fixed in 1.6, while the arbitrary file download reported by Wordfence requires version 1.8 or newer.
Leaving vulnerable versions in place exposes the site to unnecessary risk of compromise.
Citations
Read the WPScan advisory on the Catch Themes plugins:
Several plugins from CatchThemes – Unauthorised plugin settings modification
Wordfence advisory on the Catch Themes plugin:
Catch Themes Demo Import
National Vulnerability Database entries for the Catch Themes plugins:
CVE-2021-39352 Detail – Catch Themes Demo Import WordPress plugin vulnerability
National Vulnerability Database listing for the vulnerability in multiple Catch Themes plugins