WordPress Author Security
WordPress is one of the most frequently used content management systems and is used for millions of websites.
Further information can be found here: https://trends.builtwith.com/cms/WordPress
The vulnerabilities in WordPress and its plugins were fund and fixed, but what remains is the username enumeration. The easiest way to do this is via the author pages. These pages are used to display information about authors of articles or blog posts. But the problem that arises is that an attacker can find out valid usernames of the system. If he has the usernames he can try to get the password by brute force attacks or social engineering and logs into the application as the user. In addition, it can lead to data protection problems if all users of a company can be listed via WordPress.
WordPress offers two ways to enumerate users via the author pages:
1: About the Author ID
For this you only have to add another parameter (author) to the URL. If an author exists under the given ID, you will be redirected to the corresponding author page.
2: About the Permalink
For this method the username is written directly into the URL to get to the author page.
Common plugins only disable the first method. Also, many tutorials found on the Internet cover only the first method. The permalinks are mostly ignored. To avoid this, our colleague Alexander Elchlepp has developed a plugin for WordPress, which prevents both methods. You can find this plugin on Github at: https://github.com/mgm-sp/wp-author-security.
Are you unsure whether your WordPress instance is secure? Please feel free to contact us!
Tool Tuesday – sqlmap
Is your web application vulnerable to SQL Injection? With sqlmap you can test it.
Attack Afternoon – CSRF Countermeasures #1
CSRF Countermeasures #1: One possibility to prevent CSRF is the usage of an anti-CSRF token.
Attack Afternoon – CSRF
CSRF stands for “Cross-Site Request Forgery” and is a classic among web application attacks. With this attack, it is possible to perform certain user actions without them noticing it. But how exactly does this attack work?
it-sa 2019 – Lean Application Security
At the it-sa 2019 we will present our innovative consulting concept Lean Application Security.
mgm sp @ Dresden
Our second office is located in Dresden, the capital of Saxony. Come have a look at our office there!