WordPress Struck With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings about multiple vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress does not properly check (sanitize) what is entered into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby exposing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.
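The difference between echoing stored input as-is and escaping it on output, shown as an added example that is not from the original article or from WordPress core. The function names and sample comments are constructed, and plain PHP's htmlspecialchars() stands in for WordPress's esc_html() so the file runs on its own.

```php
<?php
// Added illustration; not WordPress core code. All names here are hypothetical.

// Constructed sample data: comments as they might sit in a database after
// being accepted from a form that performed no sanitization.
$stored_comments = [
    ['author' => 'alice',   'body' => 'Nice post!'],
    ['author' => 'mallory', 'body' => '<script>alert(1)</script>'],
];

// Vulnerable: the stored value is concatenated into the page unchanged, so
// any markup in it is parsed by the browser of every visitor who loads it.
function render_comment_unsafe(array $c): string {
    return '<li><b>' . $c['author'] . '</b>: ' . $c['body'] . '</li>';
}

// Hardened: escape every stored field at output time for the HTML context.
// In WordPress code the equivalent helper is esc_html().
function render_comment_safe(array $c): string {
    $esc = fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<li><b>' . $esc($c['author']) . '</b>: ' . $esc($c['body']) . '</li>';
}

foreach ($stored_comments as $c) {
    echo 'unsafe: ', render_comment_unsafe($c), PHP_EOL;
    echo 'safe:   ', render_comment_safe($c), PHP_EOL;
}

// Regression check a test suite could run: escaped output must not contain
// a live script tag, whatever was stored.
foreach ($stored_comments as $c) {
    if (stripos(render_comment_safe($c), '<script') !== false) {
        throw new RuntimeException('unescaped markup reached the page');
    }
}
```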

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute undesirable actions on a web application in which they’re currently validated.

With a little assistance of social engineering (such as sending a link via e-mail or chat), an aggressor might fool the users of a web application into executing actions of the opponent’s choosing.

If the victim is a normal user, an effective CSRF attack can require the user to perform state altering demands like moving funds, changing their email address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Information exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites right away.

The official WordPress announcement stated:

“This release features several security repairs. Due to the fact that this is a security release, it is recommended that you update your websites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero