WordPress Hit With Numerous Vulnerabilities In Versions Prior To 6.0.3


WordPress published a security release to fix numerous vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published advisories for several vulnerabilities affecting WordPress.

There are multiple types of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress doesn’t properly check (sanitize) what is entered into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby handing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability found is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security site describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that requires an end user to perform unwanted actions on a web application in which they’re currently confirmed.

With a little help of social engineering (such as sending out a link through e-mail or chat), an attacker might trick the users of a web application into carrying out actions of the opponent’s picking.

If the victim is a regular user, an effective CSRF attack can require the user to carry out state altering requests like transferring funds, changing their e-mail address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by e-mail)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s e-mail address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress statement said:

“This release includes numerous security repairs. Since this is a security release, it is recommended that you upgrade your sites immediately.

All variations since WordPress 3.7 have actually likewise been upgraded.”
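
One way to triage installs against the advice above, as an added example (not WordPress's own code): it reads `$wp_version` from `wp-includes/version.php` and buckets each install. The status labels and function names are assumptions of this example, and because this page does not list the fixed point releases for the 3.7 through 5.9 branches, those installs are flagged for a per-branch check rather than guessed.

```python
import re
from pathlib import Path

FIXED = (6, 0, 3)           # security release named on this page
OLDEST_UPDATED = (3, 7, 0)  # oldest branch the page says was also updated

# WordPress core records its version in wp-includes/version.php,
# e.g.  $wp_version = '6.0.2';
VERSION_RE = re.compile(r"""^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;""", re.M)


def triage(php_source):
    """Classify one install from the text of its version.php."""
    m = VERSION_RE.search(php_source)
    if not m:
        return "unknown"
    raw = m.group(1)
    if not re.fullmatch(r"\d+(\.\d+){1,2}", raw):
        # Beta/RC/nightly strings such as '6.1-RC2': do not guess.
        return "verify-manually"
    ver = (tuple(int(p) for p in raw.split(".")) + (0,))[:3]
    if ver >= FIXED:
        return "patched"              # at or above 6.0.3
    if ver < OLDEST_UPDATED:
        return "older-than-3.7"       # outside the range the page says was updated
    if ver[:2] == FIXED[:2]:
        return "update-to-6.0.3"
    # 3.7 .. 5.9 branches were updated too, but the page does not list
    # their fixed point releases, so these need a per-branch check.
    return "check-branch-release"


def scan(root):
    """Map every WordPress install found under root to its triage status."""
    results = {}
    for f in Path(root).rglob("wp-includes/version.php"):
        results[str(f.parent.parent)] = triage(f.read_text(errors="replace"))
    return results


if __name__ == "__main__":
    # Constructed sample versions, not taken from real sites.
    for v in ("6.0.2", "6.0.3", "5.9.3", "3.6.1", "6.1-RC2"):
        print(v, "->", triage(f"<?php\n$wp_version = '{v}';\n"))
```
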

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
