WordPress Struck With Multiple Vulnerabilities In Versions Prior To 6.0.3

Posted by

WordPress published a security release to deal with several vulnerabilities discovered in variations of WordPress prior to 6.0.3. WordPress likewise updated all variations given that WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database released warnings of several vulnerabilities impacting WordPress.

There are numerous kinds of vulnerabilities affecting WordPress, consisting of a type referred to as a Cross Site Scripting, frequently described as XSS.

A cross site scripting vulnerability normally arises when a web application like WordPress doesn’t correctly check (sanitize) what is input into a type or submitted through an upload input.

An enemy can send out a malicious script to a user who checks out the website which then performs the harmful script, thereupon offering sensitive details or cookies containing user qualifications to the aggressor.

Another vulnerability found is called a Saved XSS, which is usually considered to be even worse than a routine XSS attack.

With a saved XSS attack, the destructive script is stored on the website itself and is performed when a user or logged-in user goes to the website.

A 3rd kind vulnerability found is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Task (OWASP) security site describes this sort of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link through email or chat), an aggressor may trick the users of a web application into carrying out actions of the attacker’s choosing.

If the victim is a typical user, an effective CSRF attack can require the user to perform state altering demands like moving funds, altering their email address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the entire web application.”

These are the vulnerabilities discovered:

  1. Kept XSS by means of wp-mail. php (post by e-mail)
  2. Open reroute in ‘wp_nonce_ays’
  3. Sender’s e-mail address is exposed in wp-mail. php
  4. Media Library– Reflected XSS by means of SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback. php
  6. Stored XSS by means of the Customizer
  7. Revert shared user instances presented in 50790
  8. Saved XSS in WordPress Core by means of Remark Modifying
  9. Information direct exposure by means of the REST Terms/Tags Endpoint
  10. Material from multipart emails dripped
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query ‘RSS Widget: Saved XSS problem
  12. Kept XSS in the search block
  13. Feature Image Block: XSS issue
  14. RSS Block: Kept XSS concern
  15. Fix widget block XSS

Recommended Action

WordPress suggested that all users upgrade their websites immediately.

The main WordPress announcement mentioned:

“This release features several security fixes. Due to the fact that this is a security release, it is recommended that you upgrade your websites right away.

All versions since WordPress 3.7 have likewise been upgraded.”

Read the main WordPress announcement here:

WordPress 6.0.3 Security Release

Check Out the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Included image by Best SMM Panel/Asier Romero