WordPress Struck With Numerous Vulnerabilities In Versions Prior To 6.0.3


WordPress published a security release to address multiple vulnerabilities found in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of several vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability generally arises when a web application like WordPress does not properly check (sanitize) what is entered into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby handing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability found is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the site itself and is executed when a user or logged-in user visits the site.

A third kind of vulnerability found is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security site describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that requires an end user to perform undesirable actions on a web application in which they’re presently validated.

With a little help of social engineering (such as sending a link via email or chat), an aggressor may fool the users of a web application into executing actions of the enemy’s picking.

If the victim is a regular user, a successful CSRF attack can force the user to carry out state altering demands like transferring funds, changing their e-mail address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Featured Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites immediately.

The official WordPress statement said:

“This release includes several security fixes. Due to the fact that this is a security release, it is recommended that you update your sites instantly.

All versions since WordPress 3.7 have actually also been upgraded.”
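
An added example (not part of the original article and not WordPress code): a Python triage of an installed core version read from `wp-includes/version.php`, using only the two facts stated here, that versions prior to 6.0.3 are affected and that all versions since 3.7 were also updated. The function names, status labels and sample file content are constructed for illustration; the article does not list the patched point release for each older branch, so those versions are reported for manual confirmation.

```python
import re

FIXED = (6, 0, 3)        # security release named in the article
BACKPORT_FLOOR = (3, 7)  # article: all versions since 3.7 were also updated

# Matches the $wp_version assignment in wp-includes/version.php
_ASSIGN = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]""")

# Constructed sample of the relevant part of version.php (not a real site's file)
SAMPLE_VERSION_PHP = r"""<?php
/** Constructed sample for this example. */
$wp_version = '6.0.2';
"""

def extract_version(version_php):
    """Return the version string assigned to $wp_version, or None."""
    m = _ASSIGN.search(version_php)
    return m.group(1) if m else None

def triage(version):
    """Classify a core version string (status labels are this example's own)."""
    m = re.match(r"(\d+(?:\.\d+){0,2})(.*)$", version.strip())
    if not m:
        return "unparseable"
    nums = [int(p) for p in m.group(1).split(".")]
    v = tuple(nums + [0] * (3 - len(nums)))   # "6.0" -> (6, 0, 0)
    if m.group(2):
        # alpha/beta/RC or nightly builds may predate the fix: do not guess
        return "verify-manually"
    if v >= FIXED:
        return "patched"
    if v[:2] == FIXED[:2]:
        return "update-to-6.0.3"
    if v[:2] >= BACKPORT_FLOOR:
        # Older branch: a security update exists, but the article does not
        # give its number, so confirm the latest point release of that branch.
        return "confirm-branch-update"
    return "no-update-listed"   # older than 3.7: outside the stated range

if __name__ == "__main__":
    found = extract_version(SAMPLE_VERSION_PHP)
    print(found, "->", triage(found))
```
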

Read the official WordPress statement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero