WordPress Hit With Numerous Vulnerabilities In Versions Prior To 6.0.3


WordPress published a security release to resolve multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress.

There are several types of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability generally arises when a web application like WordPress does not properly check (sanitize) what is input into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the site itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this sort of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that requires an end user to carry out unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link via email or chat), an enemy might fool the users of a web application into carrying out actions of the enemy’s picking.

If the victim is a typical user, a successful CSRF attack can require the user to carry out state altering demands like moving funds, altering their email address, etc.

If the victim is an administrative account, CSRF can compromise the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites immediately.

The official WordPress announcement stated:

“This release includes several security repairs. Because this is a security release, it is suggested that you update your websites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:
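To act on that recommendation across many sites, the script below finds WordPress copies under a directory and reads each one's version from `wp-includes/version.php`. It is an added example, not code from WordPress or from the announcement; the status labels are its own, and because the article does not list the patched release numbers for older branches, those installs are flagged for a manual check rather than judged.

```python
import re
from pathlib import Path

FIXED = (6, 0, 3)        # fixed release named in the article
BACKPORT_FLOOR = (3, 7)  # article: all versions since 3.7 were also updated

# Matches the assignment in wp-includes/version.php, e.g. $wp_version = '6.0.2';
_ASSIGN = re.compile(r"""^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;""", re.M)


def parse_wp_version(php_source):
    """Return the $wp_version string from version.php text, or None."""
    m = _ASSIGN.search(php_source)
    return m.group(1) if m else None


def classify(version):
    """Map a version string to an action label (labels are this example's own)."""
    m = re.match(r"\d+(?:\.\d+)*", version or "")
    if not m:
        return "unreadable"
    parts = [int(p) for p in m.group(0).split(".")]
    v = tuple((parts + [0, 0])[:3])  # '6.1' -> (6, 1, 0); suffixes like -RC1 ignored
    if v >= FIXED:
        return "ok"
    if v[:2] == FIXED[:2]:
        return "update-to-6.0.3"
    if v[:2] >= BACKPORT_FLOOR:
        # The article says these branches were updated but lists no numbers,
        # so the branch's latest release has to be checked separately.
        return "verify-branch-update"
    return "older-than-3.7"


def audit(root):
    """Return (install_dir, version, status) for every WordPress copy under root."""
    results = []
    for f in sorted(Path(root).rglob("version.php")):
        if f.parent.name != "wp-includes":
            continue
        version = parse_wp_version(f.read_text(errors="replace"))
        results.append((str(f.parent.parent), version, classify(version)))
    return results


if __name__ == "__main__":
    import sys
    for install, version, status in audit(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{status:22} {version or '-':10} {install}")
```

Run it with the web root as the only argument; every line that is not `ok` needs attention.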

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
