WordPress is the most famous and widely used CMS in the world. A security researcher has disclosed a critical vulnerability in one of the most popular and widely used plugins on WordPress. That vulnerability allows the attackers to inject malicious code on AMP pages of the targeted website.
AMP, stands for Accelerated Mobile Pages. It is an open-source technology that has been designed by Google. This allows websites to build faster web pages to mobile visitors.
The vulnerable WordPress plugin in question is “AMP for WP – Accelerated Mobile Pages” that lets websites automatically generate valid accelerated mobile pages for their blog posts and other web pages.
AMP pages are some type of mandatory as Google releases mobile first index recently.
There are hundreds of plugins in the WordPress repository that allows websites to create AMP pages, “AMP for WP” has more than 100,000 active installations.
WordPress has recently removed this plugin temporarily from the library due to vulnerable code. The WordPress team or the plugin developer revealed the exact issue in the plugin.
Web security firm WebARX’s cybersecurity researcher Luka Sikic spotted it and a code-injection vulnerability in the “AMP for WP”.
Watch this video
This was later patched in its updated version.
The vulnerability resided in the way the ‘AMP for WP – Accelerated Mobile Pages’ plugin handled permissions for user accounts and WordPress AJAX hooks.
Sikic says in a blog post that “The AMP plugin vulnerability is located in the ampforwp_save_steps_data which is called to save settings during the installation wizard. It’s been registered as wp_ajax_ampforwp_save_installer ajax hook”.
“This particular plugin vulnerability is a critical issue for websites that allow user registration.”
In a recent post we have published that Popular WooCommerce WordPress Plugin Patches Critical Vulnerability. If you are using your WordPress website with this plugin, The cybersecurity expert Deepak Kumar Nath, highly recommend you to install the latest updates as soon as possible. This is already available on WordPress. Just hit update.