Authentication Bypass Vulnerability in WP Time Capsule Ver<1.21.16
WP Time Capsule is quite a popular WordPress plugin when it comes to WordPress back-ups & staging. It has turned the complex processes of backing up & staging a click’s affair.
However, given the fragile nature of security in WordPress plugins, vulnerability disclosures are not quite unexpected. Certainly, the WP Time Capsule plugin is no exception. In fact, on the 8th of January, a serious Authentication Bypass Vulnerability was discovered in this popular plugin.
This revelation has put more than 20,000 active users of the plugin at risk. Even though the plugin development team fixed the vulnerability and released the patched version 1.21.16 that same day, anyone on outdated versions faces the threat.
If you are on any version prior to 1.21.16, update quickly.
So far, there is no news of an exploit. But, if you continue to be on the vulnerable version, there are a lot of things that can go wrong.
With this blog post, we will take you through the basics of Authentication Bypass in WordPress and answer questions such as – what is Authentication Bypass & how it affects your website. We will also let you in on the security fixes you can implement to check the threat.
Here we start.
What is Authentication Bypass in WordPress?
Filling in the login page is perhaps the first step you take to get access to internal information in a site or any other software for that matter. When someone gets access to your site, admin panel, user account, etc. without proper authentication, it is known as “Authentication Bypass”.
OWASP defines Authentication Bypass as follows,
..simply skipping the log in page and directly calling an internal page that is supposed to be accessed only after authentication..
How Does it Affect Your Website?
Of course, anyone getting illicit access to your website’s internal content is bad. However, the consequences of an Authentication Bypass can be much adverse. I am listing some of the known outcomes in the following segment:
- An attacker with admin access can manipulate your website’s settings
- The attacker can exploit the site’s content or misuse the confidential information
- Hackers can upload a web shell on your website
There are other technical outcomes, that remain beyond the scope of this blog post.
What Should You Do?
As we already mentioned, the WP Time Capsule development team patched the vulnerability in updated version 1.21.16.
Updating to this version is the most prudent & logical step you can take.
Besides updating, implementing the following preventive measures shall only help you in protecting your WordPress site further:
- Do not expose your authentication schema in the client-side web browser script
- Validate all user input on the server-side
- Set up an encrypted data transfer mechanism between your browser and the server.
- Install a plugin to facilitate periodic re-authentication & session time out.
- Send all cookies and session data over an encrypted channel.
Know that using a vulnerable plugin on your website is the most common reason for getting hacked. We prompt all users of WP Time Capsule to move to the safe version as quickly as possible.
Additionally, securing your website with a dedicated security solution is always a recommendation.
If you have any questions to ask just comment below and someone from our team will get in touch.