WordPress Hit With Several Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address numerous vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of numerous vulnerabilities affecting WordPress.

There are numerous kinds of vulnerabilities impacting WordPress, including a type known as Cross Site Scripting, frequently referred to as XSS.

A cross site scripting vulnerability usually arises when a web application like WordPress does not properly check (sanitize) what is entered into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby handing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability found is called a Stored XSS, which is normally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.
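The stored XSS pattern described above, as an added illustration that is not WordPress core code: a value saved verbatim is later written into a page for every visitor, and the hardened renderer encodes it on output. The `CommentStore` class, the function names and the sample comments are hypothetical and constructed for this example.

```php
<?php
declare(strict_types=1);

// Added illustration, not WordPress code. CommentStore is a hypothetical
// in-memory stand-in for the database table that holds submitted comments.
final class CommentStore
{
    private array $rows = [];

    public function add(string $author, string $body): void
    {
        // Input is saved exactly as submitted; this is where the script is "stored".
        $this->rows[] = ['author' => $author, 'body' => $body];
    }

    public function all(): array
    {
        return $this->rows;
    }
}

// Vulnerable: stored values are written into the page verbatim, so markup in a
// comment becomes part of the HTML served to every later visitor.
function render_unsafe(CommentStore $store): string
{
    $html = '';
    foreach ($store->all() as $c) {
        $html .= "<li title=\"{$c['author']}\">{$c['body']}</li>\n";
    }
    return $html;
}

// Hardened: each stored value is encoded for the context it lands in.
// ENT_QUOTES also encodes ' and ", which matters inside the title attribute.
// In WordPress templates, esc_attr() and esc_html() play this role.
function render_safe(CommentStore $store): string
{
    $html = '';
    foreach ($store->all() as $c) {
        $author = htmlspecialchars($c['author'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $body   = htmlspecialchars($c['body'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $html  .= "<li title=\"{$author}\">{$body}</li>\n";
    }
    return $html;
}

$store = new CommentStore();
$store->add('alice', 'Nice post!');
// Constructed sample input: markup in the body, a quote breakout in the author.
$store->add('x" onmouseover="alert(1)', '<script>alert(1)</script>');

echo "--- unsafe ---\n", render_unsafe($store);
echo "--- safe ---\n", render_safe($store);
```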

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to perform undesirable actions on a web application in which they’re presently verified.

With a little assistance of social engineering (such as sending a link by means of email or chat), an opponent may trick the users of a web application into carrying out actions of the attacker’s picking.

If the victim is a normal user, an effective CSRF attack can require the user to perform state altering requests like transferring funds, changing their e-mail address, etc.

If the victim is an administrative account, CSRF can compromise the entire web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress suggested that all users update their sites immediately.

The official WordPress announcement stated:

“This release includes numerous security repairs. Since this is a security release, it is recommended that you update your websites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497