WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities found in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of several vulnerabilities impacting WordPress.

Several kinds of vulnerabilities affect WordPress, including a type known as Cross-Site Scripting, often referred to as XSS.

A cross-site scripting vulnerability usually arises when a web application like WordPress doesn’t properly check (sanitize) what is input into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability found is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the site.
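The stored XSS pattern described above, as an added example that is not WordPress code: a simplified post-by-email intake stores what it receives, and the same stored post is rendered once without escaping and once with output escaping. The helper names (`ingest_email`, `render_unsafe`, `render_escaped`, `contains_active_markup`) and the sample message are constructed for illustration.

```python
import html
from email import message_from_string

# Constructed sample message; addresses and content are made up.
RAW_EMAIL = """\
From: author@example.com
To: post@example.com
Subject: Hello <script>document.title='xss'</script>
Content-Type: text/plain; charset="utf-8"

First line of the post.
<img src=x onerror="document.title='xss'">
"""

POSTS = []  # stands in for the site's database


def ingest_email(raw):
    """Store subject and body exactly as received (hypothetical helper)."""
    msg = message_from_string(raw)
    post = {"title": msg["Subject"], "body": msg.get_payload()}
    POSTS.append(post)
    return post


def render_unsafe(post):
    """Vulnerable: stored values are concatenated into HTML unchanged."""
    return "<h1>" + post["title"] + "</h1><p>" + post["body"] + "</p>"


def render_escaped(post):
    """Hardened: every stored value is HTML-escaped at output time."""
    title = html.escape(post["title"], quote=True)
    body = html.escape(post["body"], quote=True)
    return "<h1>" + title + "</h1><p>" + body + "</p>"


def contains_active_markup(page):
    """Crude check used only by this demo: did submitted markup survive?"""
    lowered = page.lower()
    return "<script" in lowered or "<img" in lowered


if __name__ == "__main__":
    stored = ingest_email(RAW_EMAIL)
    for render in (render_unsafe, render_escaped):
        page = render(stored)
        print(render.__name__, "-> active markup:", contains_active_markup(page))
```

Because the payload lives in storage, every later page view replays it, which is why escaping is applied at output rather than only at intake.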

A third kind of vulnerability found is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security site describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that requires an end user to execute undesirable actions on a web application in which they’re presently validated.

With a little help of social engineering (such as sending out a link via email or chat), an aggressor might deceive the users of a web application into carrying out actions of the enemy’s choosing.

If the victim is a typical user, a successful CSRF attack can require the user to perform state altering demands like transferring funds, changing their email address, etc.

If the victim is an administrative account, CSRF can jeopardize the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress advised that all users upgrade their websites right away.

The official WordPress announcement stated:

“This release includes several security fixes. Due to the fact that this is a security release, it is suggested that you update your sites right away.

All variations since WordPress 3.7 have likewise been upgraded.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
