Home Latest Cyber Security News | Network Security Hacking Code Injection Vulnerability Found In HTML Mail WordPress Plugin
Latest Cyber Security News | Network Security HackingNewsVulnerabilities

Code Injection Vulnerability Found In HTML Mail WordPress Plugin

by Abeerah Hashim
written by Abeerah Hashim
Popup Builder plugin flaw exploited to deploy malware

A serious code injection vulnerability riddled the WordPress HTML Mail plugin, thus potentially putting thousands of websites at risk. Thankfully, the vendors have patched the flaw. Users should update their websites with the latest plugin version to avoid risk of exploit.

HTML Mail Plugin Vulnerability

According to the latest blog post from team Wordfence, the HTML Mail WordPress plugin had a high-severity code injection vulnerability. This vulnerability, identified as CVE-2022-0218, achieved a CVSS score of 8.3.

Specifically, the flaw existed due to an unsecured REST API endpoint that an unauthenticated attacker could exploit. The plugin uses those REST API routes to retrieve or update email template settings.

However, an adversary could gain unauthorized access to the endpoint and meddle with email template settings. Describing the vulnerability, the researchers stated,

More specifically, the plugin registers the /themesettings endpoint, which calls the saveThemeSettings function or the getThemeSettings function depending on the request method. The REST-API endpoint did use the permission_callback function, however, it was set to __return_true which meant that no authentication was required to execute the functions. Therefore, any user had access to execute the REST-API endpoint to save the email’s theme settings or retrieve the email’s theme settings.

Such exploitation would allow the attacker to send phishing emails.

In a real-time scenario, such phishing attacks could be more damaging since the emails would arrive from legit senders. Hence, victims would never get an idea of the maliciousness of the email content.

Likewise, the worst exploitation of this vulnerability would allow devastating code injection attacks for site admins.

Unauthenticated attackers could inject malicious JavaScript into the mail template that would execute anytime a site administrator accessed the HTML mail editor.

Patch Deployed

After discovering this vulnerability, Wordfence reported the matter to the developers of the plugin in question.

Consequently, the developers rolled out the HTML Mail plugin version 3.1 with the patches.

The plugin currently boasts over 20,000 active downloads, indicating the websites at risk due to the plugin’s flaw. Hence, all site admins using the plugin should rush to update their websites to the latest patched plugin version.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Multiple Vulnerabilities Found In Forminator WordPress Plugin

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...