A Vulnerability in WordPress InfiniteWP Client Plugin Could Allow for Authentication Bypass

ITS Advisory Number: 
2020-008
Date(s) Issued: 
Thursday, January 16, 2020
Subject: 
A Vulnerability in WordPress InfiniteWP Client Plugin Could Allow for Authentication Bypass
Overview: 

A vulnerability has been discovered in the Revmakx InfiniteWP Client Plugin that could allow for authentication bypass. WordPress is a web-based publishing application implemented in PHP, and the Revmakx InfiniteWP Client Plugin allows website administrators to manage an unlimited number of WordPress sites from a centralized management server. Successful exploitation of this vulnerability could allow for authentication bypass with admin privileges.

Systems Affected: 
  • Revmakx InfiniteWP Client Plugin prior to 1.9.4.5
RISK
GOVERNMENT
Large and medium government entities: 
High
Small government entities: 
Medium
BUSINESS
Large and medium business entities: 
High
Small business entities: 
Medium
Home Users: 
Low
Description: 

A vulnerability has been discovered in the Revmakx InfiniteWP Client Plugin that could allow for authentication bypass. This vulnerability exists because the plugin fails to properly authenticate users accessing the iwp_mmb_set_request function in the init.php file. An unauthenticated attacker can exploit this issue by encoding the payload containing the admin username with JSON, then Base64 and sending it via POST request to the affected site. Successful exploitation of this vulnerability could allow for authentication bypass with admin privileges.

Actions: 
  • Verify no unauthorized system modifications have occurred on system before applying patch.
  • After appropriate testing, immediately apply updates provided by Revmakx manually to affected systems.
  • Apply the Principle of Least Privilege to all systems and services.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit external network access to affected products.