Wordfence researchers report that in early January dangerous vulnerabilities were found in the popular WP Database Reset plugin, which is installed on more than 80,000 sites. The plugin is developed by WebFactory Ltd and is meant to simplify database setup and quick resets to defaults. The bugs can be used to take over sites and to reset tables in the database.
The first issue, tracked as CVE-2020-7048, scored 9.1 out of 10 on the CVSS scale. The researchers found that none of the plugin's database functions are protected by any checks or warnings, so any user can reset any database table without authentication. A single request is enough to wipe a site's posts, pages, comments, users, uploaded content, and so on.
The second vulnerability, CVE-2020-7047, has a CVSS score of 8.1. It allows any authenticated user, regardless of privilege level, not only to grant themselves administrative rights but also to strip rights from every other user with a single request. The attacker is thus left as the only administrator and gains full control of the site.
“Each time the wp_users table is reset, all users are removed, including any administrators, except for the currently logged-in user. The user sending such a request is automatically promoted to administrator, even if before that he was a simple subscriber,” the researchers say.
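The two bugs described above are both instances of a reset handler that never asks who is calling it. The following PHP is an added illustration written for this article, not code from WP Database Reset or WebFactory: it sketches a hypothetical plugin's admin-post handler in the unprotected shape the advisory describes, then the hardened shape a WordPress plugin should use (capability check, nonce check, and an allow-list of resettable tables). All hook names, function names and the `example_` prefix are assumptions; the WordPress API calls themselves (`current_user_can`, `check_admin_referer`, `wp_nonce_field`, `admin_post_*` hooks) are real.

```php
<?php
// Added example for this article; hypothetical plugin "example-db-reset".
// Not the code of WP Database Reset or any WebFactory product.

// --- Unprotected pattern (the class of bug behind CVE-2020-7048) ---
// Registering the _nopriv_ variant exposes the action to logged-out visitors,
// and nothing below checks a capability or a nonce.
add_action( 'admin_post_nopriv_example_reset', 'example_reset_unprotected' );
add_action( 'admin_post_example_reset',        'example_reset_unprotected' );

function example_reset_unprotected() {
    global $wpdb;
    $table = sanitize_key( $_REQUEST['table'] ?? '' ); // whoever sends this decides
    $wpdb->query( 'TRUNCATE TABLE `' . $wpdb->prefix . $table . '`' );
}

// --- Hardened pattern ---
// Only the logged-in hook is registered; admin_post_nopriv_ is deliberately absent.
add_action( 'admin_post_example_reset_safe', 'example_reset_hardened' );

function example_reset_hardened() {
    global $wpdb;

    // 1. Authorization: only administrators may reset tables. This is the check
    //    whose absence lets a subscriber act as an admin (cf. CVE-2020-7047).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to reset database tables.', 403 );
    }

    // 2. CSRF protection: the request must carry a nonce issued to this user
    //    for this specific action; check_admin_referer() dies on failure.
    check_admin_referer( 'example_reset_tables', 'example_reset_nonce' );

    // 3. Allow-list: table names are never built from raw input, and the
    //    user tables are intentionally excluded so a reset can never rebuild
    //    wp_users with the requester as the sole administrator.
    $allowed   = array( 'posts', 'postmeta', 'comments', 'commentmeta', 'terms' );
    $submitted = array_map( 'sanitize_key', (array) ( $_POST['tables'] ?? array() ) );
    $requested = array_intersect( $allowed, $submitted );

    foreach ( $requested as $t ) {
        $wpdb->query( 'TRUNCATE TABLE `' . $wpdb->prefix . $t . '`' );
    }

    wp_safe_redirect( admin_url( 'tools.php?page=example-db-reset&done=1' ) );
    exit;
}

// The settings page that issues the nonce the hardened handler verifies.
function example_reset_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="example_reset_safe">';
    wp_nonce_field( 'example_reset_tables', 'example_reset_nonce' );
    foreach ( array( 'posts', 'comments', 'terms' ) as $t ) {
        echo '<label><input type="checkbox" name="tables[]" value="' . esc_attr( $t ) . '"> ' . esc_html( $t ) . '</label><br>';
    }
    submit_button( 'Reset selected tables' );
    echo '</form>';
}
```

The order matters: the capability check runs before the nonce check, so an unauthorized user gets a 403 rather than a nonce error, and the allow-list is applied after both, so even a valid admin request cannot name a table the plugin never intended to touch. Whether the real plugin's fix in version 3.15 uses exactly these calls is not stated in the article; the point is that every destructive database action in a WordPress plugin needs all three layers.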
All users of the affected plugin are advised to update to the latest version (WP Database Reset 3.15) immediately. So far only 8% of users have done so.