The official Google WordPress plugin could be hijacked by harmful SEO

A critical vulnerability in Google's official WordPress plugin, Site Kit, could have allowed attackers to gain owner access to Google Search Console for a targeted site. The plugin, which has more than 400,000 installations, connects a WordPress site to various Google products that surface data such as web traffic, ad revenue, page speed and optimization suggestions inside the WordPress dashboard. The flaw, a privilege escalation to Google Search Console that has since been fixed, was rated critical because an attacker with Search Console access can not only read the site's search data but also modify sitemaps and manipulate how the site appears in search engine results pages (SERPs).

Vulnerable plugin

According to Wordfence researchers, when a site connects to Search Console for the first time the plugin generates a proxySetupURL, a link that sends the site owner through Google OAuth to complete a site-verification process via a proxy. The problem was that this URL was exposed in the HTML of the WordPress admin area to any authenticated user, including those with the subscriber role, rather than only to administrators. A second issue was that "the verification request used to verify site ownership was a registered admin action", yet the plugin performed no capability check on who triggered it and could not verify that the request had originated from a legitimate authenticated session. Combined, these flaws "allowed subscriber-level users to own Google Search Console on any affected site," the researchers said.

With Search Console access, an attacker could run black-hat SEO campaigns: manipulating how the site's pages appear in search results, injecting malicious code for illicit monetization, and modifying sitemaps. The access also exposes the site's search performance data to a competitor and allows an attacker to request removal of the site's pages from Google search results.

Google released a fixed version of Site Kit that adds capability checks and verifies that the verification request was sent during a legitimate authenticated session. In addition, Search Console now alerts existing owners whenever a new owner is added to a property.

Via: BleepingComputer
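The two fixes the article describes, a capability check and a check that the request belongs to a legitimate authenticated session, are the standard WordPress pattern for any privileged admin action. The following is an added illustration written for this page, not Site Kit's own code: the hook name, option name, nonce action and redirect URL are hypothetical. It shows an `admin_action_*` handler that any logged-in user can trigger next to the hardened form.

```php
<?php
/*
 * Added illustration, not Site Kit's own code. The hook name, option
 * name, nonce action and URL below are hypothetical; what is real is the
 * WordPress behaviour: wp-admin/admin.php fires admin_action_{action}
 * for ANY authenticated user, so the handler itself must authorize.
 */

// Vulnerable pattern: a subscriber who loads
// wp-admin/admin.php?action=example_verify_site&token=... reaches this
// function. Nothing checks who the caller is or whether they began the
// setup flow, so the stored token and the redirect are attacker-controlled.
add_action( 'admin_action_example_verify_site', 'example_verify_site_insecure' );
function example_verify_site_insecure() {
    $token = isset( $_GET['token'] ) ? sanitize_text_field( wp_unslash( $_GET['token'] ) ) : '';
    update_option( 'example_site_verification_token', $token ); // any logged-in role can write this
    wp_safe_redirect( 'https://example.invalid/oauth/verify?token=' . rawurlencode( $token ) );
    exit;
}

// Hardened pattern: same kind of action, but
//  1. current_user_can() restricts it to a capability only administrators hold;
//  2. check_admin_referer() requires a nonce minted for the current user's
//     session, so a URL copied out of another account's page HTML is rejected.
add_action( 'admin_action_example_verify_site_secure', 'example_verify_site_secure' );
function example_verify_site_secure() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to verify this site.' ), 403 );
    }
    check_admin_referer( 'example_verify_site' ); // dies with 403 on a missing or invalid _wpnonce

    $token = isset( $_GET['token'] ) ? sanitize_text_field( wp_unslash( $_GET['token'] ) ) : '';
    update_option( 'example_site_verification_token', $token );
    wp_safe_redirect( 'https://example.invalid/oauth/verify?token=' . rawurlencode( $token ) );
    exit;
}

// The setup link is built only on an admin-only settings page, and the nonce
// is bound to the administrator who is viewing it. Rendering this URL in
// markup that lower-privileged users can also load would leak it, which is
// the first of the two problems the article describes.
function example_setup_url() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return ''; // do not even build the link for non-admins
    }
    $url = admin_url( 'admin.php?action=example_verify_site_secure' );
    return wp_nonce_url( $url, 'example_verify_site' ); // appends _wpnonce=<per-user token>
}
```

The capability check and the nonce check are independent and both are needed: `current_user_can()` answers "may this role do this at all", while `check_admin_referer()` answers "did this specific user intend this request now", which is what closes the gap when a privileged URL leaks to someone who should never have seen it.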