WPScan and the United States government's National Vulnerability Database published details of a vulnerability discovered in the HubSpot WordPress plugin. The vulnerability exposes sites running the plugin to a Server Side Request Forgery attack.

WPScan Vulnerability Report

The security researchers at WPScan published the following report:

“HubSpot < 8.8.15 – Contributor+ Blind SSRF

Description

The plugin does not validate the proxy URL given to the proxy REST endpoint, which could allow users with the edit_posts capability (by default contributor and above) to perform SSRF attacks”

Server Side Request Forgery (SSRF) Vulnerability

This vulnerability requires that an attacker be logged in with a role that has the edit_posts capability, which by default means the contributor role or higher. An unauthenticated visitor or a plain subscriber cannot reach the proxy endpoint, but any site that accepts contributor accounts from outside (guest authors, for example) is exposed.

The non-profit Open Web Application Security Project (OWASP), a worldwide organization dedicated to software security, explains that an SSRF vulnerability can result in the exposure of internal services that are not meant to be reachable from outside.

According to OWASP:

“In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources.

The attacker can supply or modify a URL which the code running on the server will read or submit data to, and by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like http enabled databases or perform post requests towards internal services which are not intended to be exposed.”

The services that are not supposed to be exposed are:

  • “Cloud server meta-data
  • Database HTTP interfaces
  • Internal REST interfaces
  • Files – The attacker may be able to read files using <file://> URIs”
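To make the WPScan description concrete, here is an added example of the validation a proxy endpoint needs before it forwards a user-supplied URL. This is not the HubSpot plugin's code (the plugin is written in PHP and its actual fix is not reproduced here); it is an illustrative Python check that uses placeholder allow-listed hosts (api.example-crm.com and cdn.example-crm.com) and a constructed offline DNS table, written to show each class of target from the OWASP list above being rejected: file:// URIs, cloud metadata, loopback and private addresses, and a hostname that resolves to an internal address.

```python
import ipaddress
from urllib.parse import urlsplit

# Hypothetical allow-list: the only hosts this proxy endpoint is meant to
# reach. Placeholder names, not the HubSpot plugin's real backends.
ALLOWED_HOSTS = {"api.example-crm.com", "cdn.example-crm.com"}

# Constructed, offline stand-in for DNS so the example runs without a network.
# cdn.example-crm.com deliberately "resolves" to a private address to model a
# hijacked or rebinding record that a hostname-only check would miss.
FAKE_DNS = {
    "api.example-crm.com": ["93.184.216.34"],
    "cdn.example-crm.com": ["10.0.0.5"],
}


def fake_resolve(host):
    """Offline resolver used in place of socket.getaddrinfo."""
    return FAKE_DNS.get(host, [])


def is_internal_address(text):
    """True for any address a proxy must never reach: loopback, RFC 1918,
    link-local (which covers the 169.254.169.254 metadata endpoint),
    unspecified, multicast and reserved ranges. IPv4-mapped IPv6 addresses
    such as ::ffff:127.0.0.1 are unwrapped before the checks."""
    ip = ipaddress.ip_address(text)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_unspecified or ip.is_multicast or ip.is_reserved)


def check_proxy_target(url, resolve=fake_resolve):
    """Decide whether a proxy endpoint may forward to `url`.

    Returns (allowed, reason). Each check is one that an endpoint which
    "does not validate the proxy URL" lacks: scheme restriction, a host
    allow-list, rejection of userinfo tricks, and a check on the address
    the name actually resolves to rather than on the string alone."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "no host in URL"
    if parts.username is not None or parts.password is not None:
        # http://api.example-crm.com@127.0.0.1/ parses with host 127.0.0.1
        return False, "credentials in URL are not allowed"
    if host not in ALLOWED_HOSTS:
        return False, f"host {host!r} not in allow-list"
    try:
        addresses = [str(ipaddress.ip_address(host))]  # literal IP host
    except ValueError:
        addresses = resolve(host)
    if not addresses:
        return False, f"host {host!r} did not resolve"
    for addr in addresses:
        if is_internal_address(addr):
            return False, f"host {host!r} resolves to internal address {addr}"
    return True, f"host {host!r} -> {', '.join(addresses)}"


if __name__ == "__main__":
    # Constructed sample of URLs a contributor-level attacker might submit.
    for candidate in [
        "https://api.example-crm.com/crm/v3/objects/contacts",
        "file:///etc/passwd",
        "http://169.254.169.254/latest/meta-data/",
        "http://api.example-crm.com@127.0.0.1:8080/",
        "http://[::ffff:127.0.0.1]/",
        "https://cdn.example-crm.com/assets.js",
    ]:
        allowed, reason = check_proxy_target(candidate)
        print("ALLOW" if allowed else "BLOCK", candidate, "-", reason)
```

Two caveats a practitioner should keep in mind. First, the WPScan title says "Blind" SSRF: the attacker does not see the proxied response, which limits direct data theft but still permits state-changing POST requests to internal services and timing-based port probing, so the target check matters regardless of whether the body is echoed back. Second, the resolved-address check must run against the connection actually made (and be repeated on every redirect, or redirects disabled), because a one-shot check on the hostname string can be bypassed by a DNS answer that changes between validation and request.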

HubSpot WordPress Plugin

The HubSpot WordPress plugin is used by over 200,000 publishers. It provides CRM, live chat, analytics and email marketing related functions.

The WPScan advisory notes that the vulnerability was fixed in version 8.8.15.

However, the changelog that documents what was updated in the software shows that the HubSpot WordPress plugin received additional updates to fix other security issues shortly afterwards.

Here is a list of the updates according to the official changelog, in order beginning with the oldest update:

= 8.8.15 (2022-04-07) =
* Fix security issue related to proxy URL

= 8.9.14 (2022-04-12) =
* Fix security issue related to form inputs

= 8.9.20 (2022-04-13) =
* Fix security issue related to sanitizing inputs

While the security firm WPScan and the National Vulnerability Database state that the vulnerability was fixed in version 8.8.15, according to the HubSpot plugin changelog there were further security fixes all the way up to version 8.9.20.

So it may be prudent to update the HubSpot plugin to at least version 8.9.20, although the very latest version of the HubSpot WordPress plugin, as of this writing, is version 8.11.0.

Citations

Read WPScan Vulnerability Report

HubSpot < 8.8.15 – Contributor+ Blind SSRF

Read the National Vulnerability Database Report

CVE-2022-1239 Detail

Review the HubSpot WordPress Plugin Changelog

HubSpot WordPress Plugin Changelog
