The vulnerability resides in most versions of a WordPress plugin called WP-Slimstat. While more than 70 million websites on the Internet currently run WordPress, more than 1.3 million of them use the ‘WP-Slimstat’ plugin, making it one of the popular WordPress plugins for powerful real-time web analytics.
All WP-Slimstat versions prior to the latest release, Slimstat 3.9.6, contain an easily guessable ‘secret’ key that is used to sign data sent to and from visiting end-user computers, as explained in a blog post published Tuesday by web security firm Sucuri.
Once the weak ‘secret’ key is broken, an attacker could perform an SQL injection attack against the target website in order to grab highly sensitive information from the victim’s database, including encrypted passwords and the encryption keys used to remotely administer websites.
“If your website uses a vulnerable version of the plugin, you’re at risk,” Marc-Alexandre Montpas, a senior vulnerability researcher at Sucuri, wrote.
“Successful exploitation of this bug could lead to Blind SQL Injection attacks, which means an attacker could grab sensitive information from your database, including username, (hashed) passwords and, in certain configurations, WordPress Secret Keys (which could result in a total site takeover).”
The WP-Slimstat ‘secret’ key is just an MD5 hash of the plugin’s installation timestamp. Using sites like the Internet Archive, a hacker could easily identify the year a vulnerable target website was put on the Internet.
This would leave an attacker with about 30 million values to test, which could be completed in about 10 minutes with most modern CPUs. Once the secret key has been recovered, the attacker can use it to pull sensitive data out of the database.
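The following added example (not code from the plugin or from Sucuri) contrasts a timestamp-derived key, as described above, with a key drawn from the OS CSPRNG, and shows why a 32-character MD5 digest still carries under 25 bits of strength. The decimal-string hashing, the HMAC-SHA256 signing scheme, the function names and the sample timestamp are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import secrets

SECONDS_PER_YEAR = 365 * 24 * 60 * 60  # 31,536,000 one-second candidates


def weak_secret(install_ts: int) -> str:
    """Key as the article describes it: MD5 of the install timestamp.
    (Hashing the decimal string form is an assumption.)"""
    return hashlib.md5(str(install_ts).encode()).hexdigest()


def keyspace_bits(candidates: int) -> float:
    """Effective key strength in bits for a given number of possible keys."""
    return math.log2(candidates)


def strong_secret() -> str:
    """Replacement: 256 bits from the OS CSPRNG, unrelated to any clock."""
    return secrets.token_hex(32)


def sign(data: bytes, key: str) -> str:
    """HMAC-SHA256 tag over the data (an assumed scheme, not the plugin's)."""
    return hmac.new(key.encode(), data, hashlib.sha256).hexdigest()


def verify(data: bytes, tag: str, key: str) -> bool:
    """Constant-time comparison to avoid leaking tag bytes through timing."""
    return hmac.compare_digest(sign(data, key), tag)


if __name__ == "__main__":
    ts = 1400000000  # constructed sample install time
    # The digest is 128 bits long, but only the timestamp is unknown.
    print("weak key:", weak_secret(ts))
    print("weak key strength (bits):", round(keyspace_bits(SECONDS_PER_YEAR), 1))
    key = strong_secret()
    payload = b"constructed-tracking-payload"
    print("verified:", verify(payload, sign(payload, key), key))
```
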
Users who run their websites on the WordPress content management system and have the popular WP-Slimstat plugin installed are being cautioned to upgrade immediately in order to protect their websites from this dangerous vulnerability.