WordPress Struck With Several Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of several vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type known as Cross Site Scripting, commonly referred to as XSS.

A cross site scripting vulnerability generally arises when a web application like WordPress does not properly check (sanitize) what is entered into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the website, which then executes the malicious script, thereby exposing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security site describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.

If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth.

If the victim is an administrative account, CSRF can compromise the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Information exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress announcement stated:

“This release features a number of security fixes. Because this is a security release, it is advised that you update your websites right away.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
