Vulnerability in Information Leakage of WordPress Plugin "SiteGuard WP Plugin": WPV2024001

Publication Date: May 31, 2024

Last Updated: May 31, 2024

Overview

It has been identified that WordPress Plugin "SiteGuard WP Plugin" versions prior to 1.7.6 have a vulnerability that can lead to information leakage. If this vulnerability is exploited, there is a risk that the modified login path facilitated by this Plugin could leak, leading to unauthorized login attempts. The affected versions of "SiteGuard WP Plugin" are listed below; please use the updated versions.

Method to Confirm Affected Products

The affected products are as follows:

Product Name: WordPress Plugin "SiteGuard WP Plugin"

Affected Versions:

Versions prior to 1.7.6

The method to confirm the version number you are using is as follows:

Login with a user who has administrator privileges in WordPress, and select "Plugins" from the left menu.

From the list of Plugin, locate "SiteGuard WP Plugin" and confirm the version display.

Description of the Vulnerability

WordPress Plugin "SiteGuard WP Plugin" is equipped with a "Rename Login Function" that allows changing the standard login path (wp-login.php) to any path, aimed at reducing mechanical login attempt attacks. Although there are measures in place to prevent redirection to the modified login path when accessing /wp-activate.php or /wp-signup.php, the measures to prevent redirection were missing when accessing /wp-register.php. Therefore, when accessing /wp-register.php (or "/anypath/wp-register.php"), the modified login path gets redirected, potentially exposing the system to login attempt attacks.

Threats Posed by the Vulnerability

If the option "Do not redirect from the admin page to login page" of the Rename Login Function is checked (unchecked by default), it was anticipated that the modified login path would not be leaked. However, accessing /wp-register.php results in the leakage of the modified login path. If the modified login path leaks, there is a possibility of login attempt attacks, although an immediate login is not permitted.

Method of Countermeasures

Customers using products prior to version 1.7.6 should update to version 1.7.7 or later. You can update from the list of WordPress Plugins.

Workaround

The only method to avoid this vulnerability (leakage of modified login path) is to update to version 1.7.7 or later. Using the features "CAPTCHA", "Login Lock", and "Fail Once" of this Plugin can reduce the likelihood of a successful login attempt attack.

Related Information

Information Leakage Vulnerability in JVN#60331535 WordPress Plugin "SiteGuard WP Plugin"

Acknowledgment

This issue was reported by Mr. Yuta Watanabe of STNet Corporation. Thank you very much.

Update History

May 31, 2024: This vulnerability information page was published.

Contact Information

Vulnerability Reporting Contact

EG Secure Solutions Inc.  SiteGuard WP Plugin Support Contact

Email: sg-wp-plugin@eg-secure.co.jp