CVE-2021-4448 Scanner
CVE-2021-4448 Scanner - Missing Authorization vulnerability in Kaswara Modern VC Addons
Short Info
Level
Single Scan
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 15 days 14 hours
Scan only one: Domain, Subdomain, IPv4
The Kaswara Modern VC Addons is a popular plugin for WordPress that extends the capabilities of the Visual Composer plugin. It is used by web developers and designers to create advanced visual components and enhance the functionality of WordPress websites. The plugin provides a variety of creative elements such as interactive sliders, carousels, and custom post types, which can be used to create visually appealing websites with ease. However, vulnerabilities in plugins like Kaswara Modern VC Addons can have significant impacts on the security and stability of WordPress sites. Therefore, it is critical for website administrators to regularly update and monitor the plugins they use. Despite its robust features, security vulnerabilities have been reported in certain versions, which necessitate prompt action to mitigate potential risks.
The Missing Authorization vulnerability in Kaswara Modern VC Addons for WordPress poses a significant security risk by allowing unauthorized access to perform actions on the affected sites. This vulnerability arises due to the lack of proper capability checking on various AJAX actions, which means actions that require authentication or specific user permissions can be executed by unauthenticated users. Such vulnerabilities can lead to unauthorized actions such as file uploading or deletion without the consent of an admin or a user with appropriate permissions. It exemplifies a security misconfiguration that can be exploited to compromise the integrity and confidentiality of the WordPress site. Site owners must ensure that proper authorization checks are in place to prevent exploitation.
Technically, the vulnerability is exploited through the WordPress AJAX interface, the '/wp-admin/admin-ajax.php' endpoint that handles AJAX requests. Because the plugin's AJAX actions lack authorization checks, attackers can perform actions that typically require administrative permissions. An unauthenticated attacker can send a POST request to '/wp-admin/admin-ajax.php' that names one of these actions, such as importing data or uploading files. For example, a request carrying the parameter 'action=kaswaraImportDemo' reaches the import handler without any capability check and can trigger unauthorized imports or file operations. Enforcing capability checks and validating requests on the server side is critical to preventing such unauthorized requests.
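The missing check and its fix, shown as an added example that is not the Kaswara plugin's own code. The action name `example_import_demo`, the callback names, the nonce name and the choice of the `manage_options` capability are assumptions made for illustration.

```php
<?php
// Constructed illustration: every "example_*" name below is hypothetical
// and not taken from the Kaswara Modern VC Addons source.

// --- Weak pattern -------------------------------------------------------
// Registering the "nopriv" hook exposes the action to visitors who are not
// logged in, and the callback never checks who is calling it.
add_action( 'wp_ajax_example_import_demo', 'example_import_demo_weak' );
add_action( 'wp_ajax_nopriv_example_import_demo', 'example_import_demo_weak' );

function example_import_demo_weak() {
    // Privileged work runs for any caller of /wp-admin/admin-ajax.php.
    example_run_import();
    wp_send_json_success();
}

// --- Hardened pattern ---------------------------------------------------
// Only the logged-in hook is registered, so anonymous requests for this
// action never reach the callback.
add_action( 'wp_ajax_example_import_demo_safe', 'example_import_demo_safe' );

function example_import_demo_safe() {
    // Nonce check: the request must carry a valid 'nonce' field issued for
    // this action. On failure WordPress ends the request with HTTP 403.
    check_ajax_referer( 'example_import_demo', 'nonce' );

    // Capability check: being logged in is not enough, the user must hold
    // the capability this operation requires (assumed: manage_options).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    example_run_import();
    wp_send_json_success();
}

// Stand-in for the privileged operation (import, upload or delete);
// here it only records when the import last ran.
function example_run_import() {
    update_option( 'example_demo_imported', time() );
}
```

The nonce and the capability check cover different things: the nonce ties the request to a session and blocks cross-site request forgery, while `current_user_can()` is the authorization decision itself.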
If exploited, this vulnerability may lead to severe consequences, including unauthorized file uploads and deletions, unauthorized data imports, and other manipulations of the WordPress environment. An attacker could upload malicious scripts or delete critical files leading to a denial of service or complete site takeover. Moreover, the import of malicious data could result in data theft or further exploitation within the compromised WordPress environment. Mitigating such vulnerabilities is essential to maintaining the site's security posture and protecting user data and site functionality.