WordPress Struck With Numerous Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of numerous vulnerabilities affecting WordPress.

There are several kinds of vulnerabilities affecting WordPress, including a type known as Cross Site Scripting, often referred to as XSS.

A cross site scripting vulnerability typically arises when a web application like WordPress doesn’t properly check (sanitize) what is input into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the website, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability found is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.
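
The difference between printing stored input unchanged and escaping it at output time, shown as an added example (not WordPress core code and not part of the original article). The comment array, the function names and the sample values are constructed for illustration.

```php
<?php
// Added illustration; not WordPress core code. All names are hypothetical.

// Constructed sample: comments as they would sit in storage after submission.
$stored_comments = [
    ['author' => 'Alice', 'url' => 'https://example.com/', 'body' => 'Nice post!'],
    ['author' => 'Mallory', 'url' => 'javascript:alert(1)',
     'body' => '<script>alert(1)</script>'],
];

// Vulnerable: stored values are concatenated into HTML unchanged, so any
// markup saved in a comment runs in the browser of every later visitor.
function render_comment_unsafe(array $c): string
{
    return '<li><a href="' . $c['url'] . '">' . $c['author'] . '</a>: '
         . $c['body'] . '</li>';
}

// Escape a value for HTML text and quoted-attribute contexts.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Escaping does not neutralise a javascript: URL, so links also need a
// scheme allowlist; anything else is replaced with a harmless fragment.
function safe_url(string $url): string
{
    $url = trim($url);
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $url : '#';
}

// Hardened: every stored value is escaped at output time, per context.
function render_comment_safe(array $c): string
{
    return '<li><a href="' . h(safe_url($c['url'])) . '">' . h($c['author'])
         . '</a>: ' . h($c['body']) . '</li>';
}

foreach ($stored_comments as $c) {
    echo "unsafe: ", render_comment_unsafe($c), "\n";
    echo "safe:   ", render_comment_safe($c), "\n";
}
```

In WordPress code the corresponding output helpers are `esc_html()`, `esc_attr()` and `esc_url()`.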

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that requires an end user to perform unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link through e-mail or chat), an opponent might deceive the users of a web application into performing actions of the attacker’s picking.

If the victim is a regular user, an effective CSRF attack can require the user to perform state changing requests like moving funds, altering their email address, and so forth.

If the victim is an administrative account, CSRF can jeopardize the whole web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Suggested Action

WordPress advised that all users upgrade their sites immediately.

The official WordPress announcement specified:

“This release includes several security fixes. Since this is a security release, it is advised that you upgrade your websites immediately.

All versions since WordPress 3.7 have actually also been upgraded.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
