WordPress Struck With Several Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to resolve multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of several vulnerabilities affecting WordPress.

There are several kinds of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, often referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress doesn’t properly check (sanitize) what is entered into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) website describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute undesirable actions on a web application in which they’re currently validated.

With a little assistance of social engineering (such as sending a link via e-mail or chat), an attacker might deceive the users of a web application into executing actions of the assaulter’s choosing.

If the victim is a normal user, an effective CSRF attack can force the user to carry out state changing demands like transferring funds, changing their e-mail address, etc.

If the victim is an administrative account, CSRF can jeopardize the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by e-mail)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s e-mail address is exposed in wp-mail.php
  4. Media Library: Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart e-mails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Featured Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites immediately.

The official WordPress announcement stated:

“This release includes several security fixes. Since this is a security release, it is recommended that you upgrade your websites instantly.

All variations since WordPress 3.7 have actually also been upgraded.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
