WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities found in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of several vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type called Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress does not properly check (sanitize) what is input into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, where the script then runs and hands sensitive details, or cookies containing user credentials, to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the site.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security site describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to perform undesirable actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link by means of e-mail or chat), an enemy might trick the users of a web application into executing actions of the opponent’s choosing.

If the victim is a typical user, a successful CSRF attack can force the user to carry out state altering requests like moving funds, changing their email address, and so forth.

If the victim is an administrative account, CSRF can compromise the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Suggested Action

WordPress recommended that all users update their websites immediately.

The official WordPress announcement stated:

“This release includes a number of security fixes. Because this is a security release, it is advised that you update your sites instantly.

All variations since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
