Disqus WordPress Plugin Vulnerability
A remote code execution vulnerability has been discovered in the Disqus comment plugin for WordPress. The plugin is installed on nearly 2 million WordPress blogs.
Who is Vulnerable?
A remote attacker can execute arbitrary PHP code on the server when all of the following version conditions hold at the same time:
- PHP <= 5.1.6
- WordPress <= 3.1.4
- Disqus Plugin <= 2.75
How it Works
A specially crafted comment on a WordPress post, such as {${phpinfo()}}, followed by a request to the plugin's comment synchronization URL for that post, http://www.example.com/?cf_action=sync_comments&post_id=TARGET_POST_ID (where TARGET_POST_ID is the ID of the post that received the comment), is all that is needed to execute code on the server. The payload relies on PHP's curly-brace string interpolation: when a double-quoted string containing {${phpinfo()}} is evaluated as PHP source, phpinfo() is called and its return value is used as a variable name, so any PHP expression placed in that position runs with the privileges of the web server process. phpinfo() is only a harmless proof; an attacker can substitute any expression.
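The following is an added illustration of why the payload executes, not code from the Disqus plugin, whose vulnerable code path the advisory does not publish. It assumes the classic mechanism behind this payload: untrusted comment text spliced into a double-quoted string that is then passed to eval(). The helpers mark(), vulnerable_decode() and safe_decode() are hypothetical names introduced here, mark() stands in for phpinfo() so the side effect can be observed, and the sample JSON is constructed. json_decode(), used in the hardened version, has existed since PHP 5.2.0.

```php
<?php
// Added illustration, not the Disqus plugin's code. The eval()-based decoder
// below is an ASSUMED mechanism: it is the textbook way a string such as
// {${phpinfo()}} turns into code execution.

// Stand-in for phpinfo(): records that it ran. It returns 'comment', a name
// that resolves to an existing variable in the eval'd scope, so the demo runs
// without "undefined variable" notices.
$GLOBALS['marker_called'] = false;
function mark(): string {
    $GLOBALS['marker_called'] = true;
    return 'comment';
}

// Vulnerable pattern (hypothetical): untrusted text is spliced into a
// double-quoted string inside PHP source, then eval'd. In a double-quoted
// string, {${expr}} is PHP's "complex" interpolation: expr is evaluated first
// and its return value is used as a variable name. Whatever expression the
// attacker placed there executes. (PHP 8.2+ emits a deprecation notice for
// ${...} interpolation but still evaluates it.)
function vulnerable_decode(string $comment): string {
    $src = '$decoded = "' . $comment . '";';
    eval($src);                      // attacker-chosen expression runs here
    return $decoded;
}

// Hardened pattern: never turn data into source. Parse the JSON with
// json_decode() (available since PHP 5.2.0); the braces stay plain bytes.
function safe_decode(string $json): array {
    return json_decode($json, true, 512, JSON_THROW_ON_ERROR);
}

// Constructed sample input in the shape of a synced comment (not real traffic).
$payload = '{${mark()}}';
$json    = '{"message":"' . $payload . '"}';

$GLOBALS['marker_called'] = false;
vulnerable_decode($payload);
echo 'eval-based decode called mark(): ',
     var_export($GLOBALS['marker_called'], true), "\n";

$GLOBALS['marker_called'] = false;
$data = safe_decode($json);
echo 'json_decode kept the payload as text: ',
     var_export($data['message'] === $payload, true), "\n";
echo 'json_decode called mark(): ',
     var_export($GLOBALS['marker_called'], true), "\n";
```

Running the script shows mark() firing only on the eval() path; json_decode() returns the literal string {${mark()}} untouched. The design point is that the fix is not to filter braces or dollar signs out of comments, but to stop converting attacker-controlled data into PHP source at all.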
How do I Fix It?
Log into the WordPress administration panel and update the Disqus plugin to a release later than 2.75. Also upgrade PHP to a current release; every vulnerable configuration listed above runs PHP 5.1.6 or older. Confirm the version actually used by the web server (for example with phpinfo() on a test page) rather than only php -v on the command line, since the CLI binary and the web server module can differ.