WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to fix multiple vulnerabilities found in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. government's National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type called Cross-Site Scripting, often referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress doesn’t properly check (sanitize) what is input into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby handing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the site.
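
The stored XSS pattern described above, reduced to a minimal PHP model (an added example, not WordPress core code and not one of the bugs fixed in 6.0.3). The `$store` array stands in for the database, and `save_comment`, `render_unsafe`, `render_safe` and `e` are hypothetical names.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for a database table of user-submitted comments.
$store = [];

function save_comment(array &$store, string $author, string $body): void
{
    // Input is stored exactly as received; nothing here makes it safe to print.
    $store[] = ['author' => $author, 'body' => $body];
}

// Vulnerable rendering: stored text is concatenated straight into the page,
// so any markup an author submitted is parsed by every later visitor's browser.
function render_unsafe(array $store): string
{
    $html = "<ul>\n";
    foreach ($store as $c) {
        $html .= "<li title='{$c['author']}'>{$c['body']}</li>\n";
    }
    return $html . "</ul>\n";
}

// Escape for HTML text and quoted attribute values. ENT_QUOTES also encodes
// single quotes, which matters for the single-quoted title attribute used here.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened rendering: every stored value is escaped at the point of output.
function render_safe(array $store): string
{
    $html = "<ul>\n";
    foreach ($store as $c) {
        $html .= "<li title='" . e($c['author']) . "'>" . e($c['body']) . "</li>\n";
    }
    return $html . "</ul>\n";
}

// Constructed sample data: the second comment carries an inert marker script.
save_comment($store, 'alice', 'Nice post!');
save_comment($store, "mallory' data-x='1", '<script>document.title = "xss-marker"</script>');

echo "--- unsafe ---\n", render_unsafe($store);
echo "--- safe ---\n", render_safe($store);
```

In WordPress code, the corresponding output-escaping helpers are `esc_html()` and `esc_attr()`.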

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute undesirable actions on a web application in which they’re presently verified.

With a little assistance of social engineering (such as sending a link by means of e-mail or chat), an enemy may deceive the users of a web application into performing actions of the attacker’s picking.

If the victim is a regular user, an effective CSRF attack can require the user to perform state changing requests like moving funds, altering their email address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress announcement stated:

“This release features numerous security repairs. Due to the fact that this is a security release, it is recommended that you upgrade your websites immediately.

All versions since WordPress 3.7 have actually also been upgraded.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero