Plugins for WordPress are frequently causing security issues with their bugs. Last month we have shared the Elementor vulnerability that allowed remote code execution. The WordPress security company Patchstack has also shared the details of the vulnerable plugins; stating that 29% of the critically vulnerable plugins have never received a patch. Now, the Jupiter theme and JupiterX Core plugins are vulnerable.
Allowing complete site take over
Another WordPress security company Wordfence has found some serious vulnerabilities in the Jupiter theme and JupiterX Core plugins. One of the vulnerabilities, which can be tracked as CVE-2022-1654, has a CVSS score of 9.9. It allows any authenticated users (including customers) to gain admin privileges. Gaining administrative privileges means the user can perform everything on the website; including completely changing its content, deleting everything, and running/injecting malicious codes.
The vulnerability affects Jupiter theme versions older than 6.10.2 (this is the updated, safe version), JupiterX theme versions older than 2.0.7 (this is the safe one), and JuptierX Core Plugin versions older than 2.0.8. So, make sure your instance has those versions installed.
While Wordfence checking for security problems, they also discovered additional vulnerabilities which can be seen below:
- CVE-2022-1656 (CVSS 6.5): Insufficient access control leading to authenticated arbitrary plugin deactivation and settings modification
- CVE-2022-1657 (CVSS 8.1): Authenticated path traversal and local file inclusion
- CVE-2022-1658 (CVSS 6.5): Insufficient access control leading to authenticated arbitrary plugin deletion
- CVE-2022-1659 (CVSS 6.3): Information disclosure, modification, and denial of service
The vulnerabilities above have also been fixed with the aforementioned updates that fix CVE-2022-1654.