WordPress Hit With Numerous Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address numerous vulnerabilities found in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of several vulnerabilities affecting WordPress.

There are several kinds of vulnerabilities affecting WordPress, including a type known as cross-site scripting, often referred to as XSS.

A cross-site scripting vulnerability generally arises when a web application like WordPress does not properly check (sanitize) what is input into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereupon providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability found is called a stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the site.
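The stored XSS case described above, as an added example that is not WordPress code or part of the original article: a hypothetical in-memory comment list is rendered once without escaping and once with output escaping. The function names and the sample comments are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical in-memory comment store standing in for a database table.
// Both entries are constructed sample input.
$comments = [
    ['author' => 'alice', 'body' => 'Nice post!'],
    ['author' => 'x" onmouseover="alert(1)', 'body' => '<script>alert(1)</script>'],
];

// Vulnerable: stored values are concatenated into the page as-is, so markup
// saved by one visitor is interpreted by the browser of every later visitor.
function render_unsafe(array $c): string
{
    return '<p title="' . $c['author'] . '">' . $c['body'] . "</p>\n";
}

// Escape at output time. ENT_QUOTES also encodes ' and ", which is what keeps
// a stored value from breaking out of a quoted attribute.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened: every stored value is escaped at the point it is written to HTML.
function render_safe(array $c): string
{
    return '<p title="' . e($c['author']) . '">' . e($c['body']) . "</p>\n";
}

foreach ($comments as $c) {
    echo 'unsafe: ', render_unsafe($c);
    echo 'safe:   ', render_safe($c);
}

// Check the hardened output: no raw tag and no attribute breakout survives.
$out = render_safe($comments[1]);
if (strpos($out, '<script') !== false || strpos($out, '" onmouseover') !== false) {
    throw new RuntimeException('escaping failed');
}
```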

A third kind of vulnerability found is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to perform undesirable actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending out a link through email or chat), an attacker might deceive the users of a web application into carrying out actions of the attacker’s choosing.

If the victim is a normal user, an effective CSRF attack can force the user to carry out state changing requests like moving funds, changing their email address, etc.

If the victim is an administrative account, CSRF can compromise the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS through wp-mail.php (post by e-mail)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s e-mail address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS through the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Information exposure through the REST Terms/Tags Endpoint
  10. Content from multipart e-mails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS problem
  15. RSS Block: Stored XSS problem
  16. Fix widget block XSS

Recommended Action

WordPress advised that all users update their sites right away.

The official WordPress announcement stated:

“This release includes a number of security fixes. Since this is a security release, it is suggested that you upgrade your sites immediately.

All versions since WordPress 3.7 have likewise been upgraded.”

Read the official WordPress statement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497
