WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of multiple vulnerabilities impacting WordPress.

There are several kinds of vulnerabilities affecting WordPress, including a type known as Cross Site Scripting, often referred to as XSS.

A cross site scripting vulnerability normally occurs when a web application like WordPress does not properly check (sanitize) what is input into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereupon providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability found is called a Stored XSS, which is normally considered to be even worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.
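
The stored XSS mechanism described above, shown from the output-encoding side as an added example (not code from WordPress or from the original article). A constructed comment list is rendered once as-is and once with HTML encoding, and a small parser-based check reports any script elements or event-handler attributes in the result; all names and sample comments are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample data standing in for a comments table: one ordinary
# comment and one whose fields carry markup instead of plain text.
SAMPLE_COMMENTS = [
    {"author": "Alice", "body": "Great post & thanks!"},
    {"author": 'x" onmouseover="alert(1)', "body": "<script>alert(1)</script>"},
]

def render_unsafe(comments):
    """Vulnerable: stored values are concatenated into the page as-is."""
    return "".join(
        '<li title="{}">{}</li>'.format(c["author"], c["body"]) for c in comments
    )

def render_safe(comments):
    """Hardened: every stored value is HTML-encoded when it is output."""
    return "".join(
        '<li title="{}">{}</li>'.format(
            html.escape(c["author"], quote=True),
            html.escape(c["body"], quote=True),
        )
        for c in comments
    )

class ActiveMarkupFinder(HTMLParser):
    """Records script elements and on* event-handler attributes."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script element")
        for name, _value in attrs:
            if name.startswith("on"):
                self.findings.append(f"{tag} {name} handler")

def active_markup(page):
    """Return the active markup a browser would see in the rendered page."""
    finder = ActiveMarkupFinder()
    finder.feed(page)
    finder.close()
    return finder.findings

if __name__ == "__main__":
    print("unsafe:", active_markup(render_unsafe(SAMPLE_COMMENTS)))
    print("safe:  ", active_markup(render_safe(SAMPLE_COMMENTS)))
```

The same check can be run over any rendered template in a test suite to catch a field that reaches the page without encoding.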

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website explains this sort of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.

If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, etc.

If the victim is an administrative account, CSRF can compromise the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress announcement stated:

“This release features several security fixes. Because this is a security release, it is recommended that you update your sites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero