WordPress Author Security
WordPress is one of the most frequently used content management systems and is used for millions of websites.
Further information can be found here: https://trends.builtwith.com/cms/WordPress
The vulnerabilities in WordPress and its plugins were fund and fixed, but what remains is the username enumeration. The easiest way to do this is via the author pages. These pages are used to display information about authors of articles or blog posts. But the problem that arises is that an attacker can find out valid usernames of the system. If he has the usernames he can try to get the password by brute force attacks or social engineering and logs into the application as the user. In addition, it can lead to data protection problems if all users of a company can be listed via WordPress.
WordPress offers two ways to enumerate users via the author pages:
1: About the Author ID
For this you only have to add another parameter (author) to the URL. If an author exists under the given ID, you will be redirected to the corresponding author page.
2: About the Permalink
For this method the username is written directly into the URL to get to the author page.
Common plugins only disable the first method. Also, many tutorials found on the Internet cover only the first method. The permalinks are mostly ignored. To avoid this, our colleague Alexander Elchlepp has developed a plugin for WordPress, which prevents both methods. You can find this plugin on Github at: https://github.com/mgm-sp/wp-author-security.
Are you unsure whether your WordPress instance is secure? Please feel free to contact us!
mgm sp @ Heise DevSec
With the topic “How practical is DevSecOps really? – A field report” our colleague Maximiliane Zirm is present at this year’s Heise devSec.
Pentest FAQ – #7 and #8 – What is a penetration test? And what is it not?
In our Big Application Security Penetration Test FAQ for clients we answer everything you should know before, during and after the commissioning of an Application Security Penetration Test.
In focus today: : Questions #7 and #8 – What is a penetration test? And what is it not?
The Big Application Security Penetration Testing FAQ for Clients
Have you ever wondered what a pentest is exactly or how such a test works? Our Big Application Security Penetration Test FAQ for clients answers these questions and much more.
Tool Tuesday – nmap
One tool which should be installed on every pentester PC is nmap. This command line tool is the Swiss army knive for penetration tests on network level, but also used regularly by system administrators.
mgm sp @ Munich
Our head office is located in the heart of Bavaria, since the time of SecureNet. Come have a look!