WordPress Hit With Multiple Vulnerabilities in Versions Prior to 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress.

There are several kinds of vulnerabilities affecting WordPress, including a type known as Cross Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress does not properly check (sanitize) what is entered into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the site itself and is executed when a user or logged-in user visits the site.
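The stored XSS case described above, as an added example that is not WordPress code and not part of the original article: a stored comment is echoed back as markup by one renderer and passed through an allowlist sanitizer by the other. The tag allowlist, function names and sample comments are constructed for illustration, and Python stands in for the site's server-side language.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed policy for this example: a small inline-formatting allowlist.
ALLOWED_TAGS = {"a", "b", "i", "em", "strong", "code", "br"}
VOID_TAGS = {"br"}
DROP_WITH_CONTENT = {"script", "style"}   # element and its body are discarded
SAFE_SCHEMES = {"http", "https", "mailto"}

def safe_href(value):
    """Return the URL if its scheme is allowlisted, else None."""
    url = (value or "").strip()
    try:
        scheme = urlsplit(url).scheme.lower()
    except ValueError:                    # malformed URL
        return None
    return url if scheme in SAFE_SCHEMES else None

class CommentSanitizer(HTMLParser):
    """Re-serializes input: output holds only tags this class writes itself."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open_tags, self.skipping = [], [], 0
    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skipping += 1
        elif not self.skipping and tag in ALLOWED_TAGS:
            href = safe_href(dict(attrs).get("href")) if tag == "a" else None
            attr = f' href="{escape(href, quote=True)}" rel="nofollow"' if href else ""
            self.out.append(f"<{tag}{attr}>")   # every other attribute is dropped
            if tag not in VOID_TAGS:
                self.open_tags.append(tag)
    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skipping = max(0, self.skipping - 1)
        elif not self.skipping and self.open_tags and self.open_tags[-1] == tag:
            self.out.append(f"</{self.open_tags.pop()}>")
    def handle_data(self, data):
        if not self.skipping:
            self.out.append(escape(data, quote=False))  # text is always escaped

def sanitize_comment(raw):
    parser = CommentSanitizer()
    parser.feed(raw)
    parser.close()
    tail = "".join(f"</{t}>" for t in reversed(parser.open_tags))  # close leftovers
    return "".join(parser.out) + tail

def render_vulnerable(stored):   # echoes the stored value as markup
    return f"<li>{stored}</li>"

def render_hardened(stored):     # sanitizes every time the value is output
    return f"<li>{sanitize_comment(stored)}</li>"
```

Relative links lose their `href` under this policy because they carry no scheme; that is a deliberate simplification of the constructed allowlist.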

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently validated.

With a little assistance of social engineering (such as sending a link through email or chat), an opponent may trick the users of a web application into executing actions of the opponent’s picking.

If the victim is a typical user, an effective CSRF attack can force the user to perform state changing demands like transferring funds, altering their email address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the entire web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress announcement stated:

“This release includes several security repairs. Since this is a security release, it is suggested that you update your sites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
