How can an anti-spam WordPress plugin expose user data?


In recent news a WordPress Anti-spam plugin, “Spam protection, Firewall, AntiSpam by CleanTalk ” was discovered to have been faulted with the intervention of SQL.

SQL is a language, specifically used in designing and programming for managing data in a comparative database system or for managing assembled data. This SQL flaw discovered in WordPress enables an unauthorized tracker to have access to the user’s passwords, emails, bank account details, credit card information, and any other personal information.

What is the CVSS issue?

The whole purpose of Spam Filtering, Firewall by CleanTalk is to filter unauthorized access and comments, and spam on those websites where it has been installed. The issue arises with CVE-2021-24295 and its CVSS exposure of 7.5 out of 10 causing filtration issues, that is, it keeps a track of various IP addresses. The issue is not limited here but rather extends to jeopardizing agent-user connections that are sent from browsers for identifying themselves.

According to analysis, now a developer has to encounter the unfortunate vulnerabilities with the functioning of the update_log in CleanTalk/Firewall/lib/ApbctWP/SFW.php, particularly used for inserting into the database, the records of requests.

How does CVSS score impact user vulnerability?

CVSS or Common Vulnerability Scoring System is a number that essentially associates with the gravity of the given vulnerability in the security of information or data.

CVSS scores are used by technical training companies for comparing the charts between the vulnerabilities and as a tool for determining which vulnerability is the most severe. When this CVSS score is higher there is a higher risk and even more severe vulnerability.

Unauthorized interception of data through SQL administration

The administration of SQL is a vulnerability in web security that allows unauthorized attackers to intervene with the queries made in an application database. This is done to infer or intercept the responses which are returned from the database, based on the initial queries made.

To eliminate the risk of databases being interfered, during the administration of SQL, is to make use of prepared statements. Prepared statements allow the isolation of each parameter of the query so that unauthorized attackers are unable to view the whole scope of the returned data. This can be more appropriately done when you hire experts for interpreting the vulnerability.

The CleanTalk plugin vulnerability

Out of its several functions, CleanTalk plugin’s fundamental function is to provide protection to website owners against spam comments on blogs. This is done by maintaining a list that tracks the IP addresses and also blocks them. This also includes the association between the user and the agent.

The vulnerability of CleanTalk was exploited by using the blind administration of the SQL technique. This particular procedure sends database appeals that tend to ‘estimate’ the database content from the table. The vulnerability lies further in the fact that when the estimation is made correctly, the database can be instructed to hibernate or delay the response sent back by the database.

The functioning of the update_log contained in the PHP file, as discussed previously, was the primary reason behind the manipulation of the vulnerability. The file stored in lib/CleanTalk/ApbctWP/Firewall/SFW.php, records of requests can be added into a SQL database by attackers; particularly the one where a prepared statement was not used.

Generally, the update_log function is to be executed only once, per IP address visitor. The manipulation in data occurs in the form of cookie manipulation, which was originally set by the plugin. The first request was to obtain the cookies, Ct_sfw_pass_key, following which a manual cookie, named ct_sfw_passed, could be set by the attacker. What does it do, you say? The separate new cookie then effectively rejects the actual cookie ‘s reset ability.

The events that happened thereafter is that instead of SELECT, the vulnerable query made in SQL ended up using INSERT. Although the vulnerability was severe in the beginning this particular manipulation of vulnerability made it difficult for attackers to commit any further damage to a website, by altering its database. You can hire experts to walk you through the process.

What were the lessons learned?

Just like the saying goes, prevention is better than cure, as a possible solution to avoid this spam, hire expert WordPress developers who can suggest you patch and upgrade the plugins on your website if you are still using the outdated version of any of the CleanTalk Anti Spam plugins.

Share this

Must Read

Who Are The Top Manufacturers For Animal Health Pharmaceuticals?

The animal health pharmaceutical industry is a vital component of global healthcare, responsible for producing medications, vaccines, and other products that ensure the health...

Decoding Slot Symbols: Understanding Wilds, Scatters, and Multipliers

Slot machines are not only about spinning reels and matching symbols; they also feature special symbols that can significantly impact gameplay and increase your...

The Mystery of Scatter Symbols: Your Gateway to Free Spins

In the world of online slots, symbols play a pivotal role in determining the outcome of the game. Among these symbols, the scatter symbol...


How Was Beer Made in the 18TH Century?

Imagine you're a brewer in the 18th century, tasked with turning simple ingredients into a satisfying pint. You'd start with barley, soaking and germinating it before drying it in a kiln to preserve essential enzymes. Next, you'd mash the malted barley in hot water to extract the sugars, setting the stage for fermentation. Boiling the wort with hops would add...

Adolphus Busch: The Visionary Behind Beer Powerhouse Anheuser-Busch

Adolphus Busch was born on July 10, 1839, in Kastel, Germany, and later immigrated to the United States in 1857. His journey to becoming a brewing magnate began when he joined the E. Anheuser & Co. brewery in St. Louis, Missouri, which was owned by his father-in-law, Eberhard Anheuser. With a keen business acumen and innovative spirit, Busch quickly...

The Story Behind the Famous “King of Beers” Slogan for Budweiser

Budweiser is a prominent name in the beer industry, known for its iconic slogan "King of Beers." This slogan has an interesting history that reflects the brand's journey in the United States. German immigrant Adolphus Busch arrived in the country in 1857 and later married Lilly Anheuser. He began working at his father-in-law's brewery, which would eventually become Anheuser-Busch. By...

Recent articles

More like this