Easy FancyBox WordPress Plugin Information Disclosure Scanner

Easy FancyBox is a popular WordPress plugin used by website administrators to enhance the display of images, videos, and other multimedia content in lightbox overlays. It is widely employed on WordPress sites to improve the visual appeal of web pages by adding interactive and attractive pop-up windows. The plugin is developed and maintained to integrate seamlessly with different WordPress themes, making it a favorable choice for web developers and designers aiming for enhanced user experiences. Its user-friendly interface and wide compatibility make it a tool of choice for both beginner and advanced WordPress users. The plugin is extendable with various features, allowing site owners to customize its behavior according to specific needs and preferences. As a result, Easy FancyBox serves an essential function in enriching website functionality and design.

This scanner detects an Information Disclosure vulnerability in the Easy FancyBox WordPress Plugin. The vulnerability is due to improper access restrictions, allowing unauthenticated users to access sensitive file paths. Such disclosures can aid attackers in crafting further exploitation of the website, potentially leading to more severe attacks. The issue arises because specific source files of the plugin do not adequately restrict access, leaving the web application exposed. This vulnerability mainly impacts websites that have not implemented necessary security controls and allow unrestricted access to certain URLs. As information disclosure can be an entry point for more dangerous exploits, addressing this vulnerability is crucial for maintaining website security.

In this vulnerability, the endpoint involved is the plugin's PHP file found at '{{BaseURL}}/wp-content/plugins/easy-fancybox/easy-fancybox.php'. Unauthorized access to this endpoint can result in the disclosure of full server paths. The vulnerable parameter here is the plugin's source file, which when improperly accessed, reveals sensitive information. Successful exploitation occurs when a GET request to this path returns a status code of 200 and a body containing specific error messages. These messages, including "Fatal error" and "undefined function," indicate the presence of the information disclosure vulnerability. The vulnerability relies on external attackers sending requests to uncover server file paths, making it a significant threat if exploited correctly.

Exploiting this vulnerability can reveal full server paths to unauthorized actors, allowing them to map the server structure. With this knowledge, malicious individuals may mount further attacks such as Local File Inclusion (LFI), Remote Code Execution (RCE), or privilege escalation. The information disclosed can also facilitate phishing or social engineering attacks, as knowing server paths can lend credibility to malicious communications. If combined with other vulnerabilities, this information can be leveraged to gain unauthorized access or deploy malware on the server. Additionally, attackers may use disclosed data to evade security controls, leaving the website susceptible to data theft or manipulation.

REFERENCES

• https://wordpress.org/plugins/easy-fancybox/