WordPress Struck With Several Vulnerabilities In Versions Prior To 6.0.3


WordPress published a security release to address numerous vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of numerous vulnerabilities impacting WordPress.

There are several types of vulnerabilities impacting WordPress, including a type known as Cross-Site Scripting, often referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress does not properly check (sanitize) what is entered into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby exposing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security site describes this kind of vulnerability:
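
The stored XSS flow described above, as an added example that is not from the original article or from WordPress code: a constructed in-memory store and hypothetical helpers (`savePost`, `renderUnsafe`, `renderSafe`, `unexpectedTags`) show the same stored text rendered without and with output escaping, plus a check that flags markup the template did not produce.

```javascript
// Constructed illustration only; `stored` stands in for the site's database.
const stored = [];

// Hypothetical helper: untrusted input (form, upload, e-mail) saved verbatim.
function savePost(author, body) {
  stored.push({ author, body });
}

// Escape the characters that are significant in HTML text and quoted attributes.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, ch => HTML_ESCAPES[ch]);
}

// Vulnerable: stored text is concatenated straight into the page markup,
// so any tag in it becomes live for every later visitor.
function renderUnsafe(post) {
  return `<article><h2>${post.author}</h2><p>${post.body}</p></article>`;
}

// Hardened: every stored field is escaped at output time.
function renderSafe(post) {
  return `<article><h2>${escapeHtml(post.author)}</h2><p>${escapeHtml(post.body)}</p></article>`;
}

// Defensive check: list tags in rendered markup that the template never emits.
function unexpectedTags(html) {
  const allowed = new Set(['article', 'h2', 'p']);
  const found = [...html.matchAll(/<\/?([a-zA-Z][a-zA-Z0-9]*)/g)].map(m => m[1].toLowerCase());
  return [...new Set(found.filter(tag => !allowed.has(tag)))];
}

// Constructed sample submissions: one benign, two carrying markup.
savePost('Alice', 'Release notes: 2 < 3 & "quotes" stay readable.');
savePost('Mallory', '<script>document.title = "injected"</script>');
savePost('Eve <img src=x onerror="void 0">', 'hello');

for (const post of stored) {
  console.log('unsafe:', unexpectedTags(renderUnsafe(post)),
              'safe:', unexpectedTags(renderSafe(post)));
}
```

Escaping is applied to the author field as well as the body because any stored field that reaches the page is an injection point.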

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re presently verified.

With a little assistance of social engineering (such as sending a link through email or chat), an assailant may fool the users of a web application into executing actions of the opponent’s picking.

If the victim is a typical user, a successful CSRF attack can require the user to perform state changing demands like moving funds, altering their e-mail address, etc.

If the victim is an administrative account, CSRF can jeopardize the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Featured Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress announcement stated:

“This release includes several security fixes. Because this is a security release, it is suggested that you upgrade your websites instantly.

All versions since WordPress 3.7 have also been updated.”

Check out the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
