Disqus Wordpress Plugin Vulnerability

A vulnerability has been discovered in the Disqus plugin for Wordpress allowing for Remote Code Execution. The Disqus plugin is used on nearly 2 million Wordpress blogs.

Who is Vulnerable?

A remote attacker could successfully execute remote code provided the following software version conditions are met:

  • PHP <= 5.1.6
  • Wordpress <= 3.1.4
  • Disqus Plugin <= 2.75

How it Works

A specially crafted comment on a Wordpress post, such as {${phpinfo()}}, followed by opening the comment synchronization URL http://www.example.com/?cf_action=sync_comments&post_id=TARGET_POST_ID, is all that is needed to execute remote code.
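An added detection example (not part of the original advisory or the Disqus plugin): this Python script flags posts that both hold a comment containing the {${...}} interpolation pattern and received a sync_comments request in the web server access log. The (post_id, text) comment export, the combined log format and all sample data are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# PHP complex-syntax interpolation such as {${phpinfo()}}: "{${" ... "}}".
INTERP = re.compile(r"\{\s*\$\s*\{[^}]*\}\s*\}")
# Client address and request target from a combined-format access log line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample data (assumed export format: (post_id, comment text)).
SAMPLE_COMMENTS = [
    (12, "Great post, thanks!"),
    (17, "{${phpinfo()}}"),
    (23, "Price is ${5} today"),  # plain "${" without the outer brace: not flagged
]
SAMPLE_LOG = [
    '203.0.113.9 - - [01/Jan/2014:10:00:00 +0000] "GET /?p=17 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2014:10:00:05 +0000] '
    '"GET /?cf_action=sync_comments&post_id=17 HTTP/1.1" 200 12',
    '198.51.100.4 - - [01/Jan/2014:10:02:00 +0000] '
    '"GET /?cf_action=sync_comments&post_id=12 HTTP/1.1" 200 12',
]

def suspicious_comments(comments):
    """Return {post_id: [comment text]} for comments containing {${...}}."""
    hits = {}
    for post_id, text in comments:
        if INTERP.search(text):
            hits.setdefault(post_id, []).append(text)
    return hits

def sync_requests(log_lines):
    """Return [(client_ip, post_id)] for cf_action=sync_comments requests."""
    found = []
    for line in log_lines:
        m = REQUEST.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        query = parse_qs(urlsplit(m.group(2)).query)
        if "sync_comments" in query.get("cf_action", []):
            found.extend((m.group(1), pid) for pid in query.get("post_id", [""]))
    return found

def correlate(comments, log_lines):
    """Sync requests that targeted a post holding a suspicious comment."""
    flagged = suspicious_comments(comments)
    return sorted({(ip, pid) for ip, pid in sync_requests(log_lines)
                   if pid.isdecimal() and int(pid) in flagged})

if __name__ == "__main__":
    print(correlate(SAMPLE_COMMENTS, SAMPLE_LOG))
```

A sync request on its own is normal plugin traffic; the pairing with a flagged comment on the same post is what merits review.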

How do I Fix It?

Log into your Wordpress administration panel and update the Disqus plugin. Make sure PHP is up-to-date with the latest version.
