WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3


WordPress published a security release to address several vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of several vulnerabilities impacting WordPress.

There are numerous types of vulnerabilities affecting WordPress, including a type called Cross-Site Scripting, often referred to as XSS.

A cross-site scripting vulnerability usually occurs when a web application like WordPress does not properly check (sanitize) what is entered into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby exposing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is usually considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the site itself and is executed when a user or logged-in user visits the website.
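The difference between rendering stored input as-is and escaping it at output time can be shown with a small added example. This is not WordPress code; `CommentStore`, the render functions and the sample submissions are hypothetical and constructed for illustration.

```python
import html

# Constructed sample submissions: one benign, two that carry markup.
SUBMISSIONS = [
    ("alice", "Great post, thanks!"),
    ("mallory", "<script>alert(1)</script>"),
    ('bob" onmouseover="alert(1)', "hello"),
]


class CommentStore:
    """Hypothetical stand-in for the site's comment table."""

    def __init__(self):
        self._rows = []

    def add(self, author, body):
        # Stored verbatim: the value persists and is served to every later visitor.
        self._rows.append((author, body))

    def rows(self):
        return list(self._rows)


def build_store():
    store = CommentStore()
    for author, body in SUBMISSIONS:
        store.add(author, body)
    return store


def render_unsafe(store):
    """Vulnerable: stored values are concatenated straight into the page."""
    return "\n".join(f'<li title="{a}">{b}</li>' for a, b in store.rows())


def render_escaped(store):
    """Hardened: escape at output time, covering text and attribute contexts."""
    return "\n".join(
        f'<li title="{html.escape(a, quote=True)}">{html.escape(b)}</li>'
        for a, b in store.rows()
    )


if __name__ == "__main__":
    store = build_store()
    print("unsafe:\n" + render_unsafe(store))
    print("escaped:\n" + render_escaped(store))
```

In the escaped output the stored markup reaches the browser as inert text, while the benign comment is unchanged.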

A third kind of vulnerability found is called Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

With a little assistance of social engineering (such as sending out a link through email or chat), an enemy may fool the users of a web application into executing actions of the attacker’s picking.

If the victim is a regular user, an effective CSRF attack can force the user to perform state changing requests like moving funds, changing their email address, and so forth.

If the victim is an administrative account, CSRF can compromise the whole web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Featured Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites immediately.

The official WordPress announcement stated:

“This release includes several security repairs. Due to the fact that this is a security release, it is suggested that you upgrade your websites immediately.

All versions since WordPress 3.7 have actually also been upgraded.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Included image by Best SMM Panel/Asier Romero