CSV INJECTION FOUND IN WP_EVENTMANAGER
A popular plugin known as WordPress Event Manager (wp_eventmanager) is under attack. The CSV injection in WP_EventManager was found during a recent update published on Feb 5th, 2020. The vulnerability was discovered during a recent version update to v22.214.171.124.
Currently 100,000+ WordPress websites across the globe are at risk using this plugin. We are going to discuss some more information about this vulnerability and the necessary precautions to deal with it. As you can see, the active installations of this plugin are 100k+, and users who are not technical are all on the verge of getting hacked.
What is CSV Injection?
This is also known as formula injection. Hackers submit a spreadsheet formula, usually carrying a link, through the booking form available on the website frontend; that input ends up in the booking data which the website admin can export as a .CSV file. The malicious formula starts working once the admin opens the export in MS Excel and clicks the URL in the booking details. Hackers mostly do this for the following reasons:
- Hijack the user's laptop or PC with a malicious link carried in a spreadsheet formula.
- Exploit the user's tendency to ignore spreadsheet security warnings when opening a booking export downloaded from their WordPress admin.
- Take control of the user's website, PC or laptop.
What are the Precautions?
We recommend the following precautions for users who are actively receiving bookings using the WordPress Event Manager plugin:
- Run a security scan of your website regularly for spam or malicious content.
- Get your PC or laptop covered with a good antivirus such as Avast AntiVirus. You can download it for free.
- Make sure not to click on any URL that is unknown to you or found in the CSV export from wp_eventmanager. See the screenshot below to keep yourself aware of what a malicious formula looks like.
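The two sections above describe the attack (a formula submitted through the booking form, exported to CSV, executed when the admin opens it in Excel) and the precaution of checking an export before clicking anything in it. The following Python script is an added example, not code from the WP Event Manager plugin or from this article: it scans a booking export for cells a spreadsheet would treat as formulas and writes a neutralized copy in which such cells are prefixed with a single quote so Excel keeps them as plain text. The sample export, the column names and the `example.invalid` link are all constructed for the demonstration; the same neutralization would be applied in the plugin's own PHP export code.

```python
import csv
import io

# Leading characters that make Excel/LibreOffice interpret a cell as a formula.
# This is the list commonly recommended for CSV injection defence (tab and CR
# included, since Excel also honours them at the start of a cell).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_cell(value: str) -> bool:
    """True if the cell text would be evaluated as a formula when opened in a spreadsheet."""
    return value.startswith(FORMULA_TRIGGERS)


def neutralize_cell(value: str) -> str:
    """Prefix a single quote so the spreadsheet stores the cell as text, not a formula.
    Cells that do not start with a trigger character are returned unchanged."""
    return "'" + value if is_formula_cell(value) else value


def parse_rows(csv_text: str) -> list:
    """Parse CSV text into a list of rows (each row a list of cell strings)."""
    return list(csv.reader(io.StringIO(csv_text)))


def scan_export(csv_text: str) -> list:
    """Return (row_number, column_name, value) for every formula-like cell.
    Row numbers match what a spreadsheet shows: the header is row 1."""
    reader = csv.DictReader(io.StringIO(csv_text))
    findings = []
    for row_no, row in enumerate(reader, start=2):
        for column, value in row.items():
            if value is not None and is_formula_cell(value):
                findings.append((row_no, column, value))
    return findings


def sanitize_export(csv_text: str) -> str:
    """Rewrite the export with every formula-like cell neutralized.
    csv.writer quotes fields containing commas or quotes, so the prefix
    cannot be broken out of by a crafted cell."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    for row in parse_rows(csv_text):
        writer.writerow([neutralize_cell(cell) for cell in row])
    return out.getvalue()


# Constructed sample of a booking export: one ordinary booking and one whose
# "notes" field is a formula carrying a link (the pattern the article describes).
# The phone number starting with "+" is legitimate data that also gets flagged.
SAMPLE_EXPORT = (
    "name,phone,notes\n"
    "Alice Example,555-0100,Looking forward to it\n"
    'Bob Example,+1 555 0101,"=HYPERLINK(""https://example.invalid/"",""booking"")"\n'
)


if __name__ == "__main__":
    for row_no, column, value in scan_export(SAMPLE_EXPORT):
        print(f"row {row_no}, column {column!r}: formula-like cell {value!r}")
    print(sanitize_export(SAMPLE_EXPORT))
```

Run the scan on an export before opening it in Excel; any finding means the file should be opened as text first, not as a spreadsheet. Note that neutralization is deliberately conservative: a phone number such as `+1 555 0101` or a negative amount also gets the quote prefix, which is harmless for reading but worth knowing if the export is fed back into another system.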
How to resolve CSV Injection in Event Manager v126.96.36.199?
WordPress Event Manager released a new update, v188.8.131.52, which covers this CSV injection, but we still recommend following the few steps below:
- Update the plugin to its latest version, i.e. 184.108.40.206.
- Keep a strict eye on all bookings you are exporting.
- Never click on a link that is unknown to you.
- If you are not familiar with these steps, contact a professional.