WordPress Struck With Several Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress doesn’t properly check (sanitize) what is entered into a form or submitted through an upload input.

An attacker can send a malicious script to a user who visits the website, which then executes the malicious script, thereupon providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the site itself and is executed when a user or logged-in user visits the website.
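
The stored XSS pattern described above, and the output escaping that neutralizes it, as an added example (a minimal Python model, not WordPress code and not from the original article). The `COMMENTS` store, the function names and the sample comments are all constructed for illustration.

```python
import html

# Constructed in-memory stand-in for a site's database table of comments.
COMMENTS = []

def save_comment(author, body):
    """Persist the comment exactly as submitted, as a vulnerable site would."""
    COMMENTS.append({"author": author, "body": body})

def render_vulnerable():
    """Interpolates stored values straight into markup: every visitor who
    loads the page receives the stored script (stored XSS)."""
    return "".join(
        f'<li title="{c["author"]}">{c["body"]}</li>' for c in COMMENTS
    )

def render_escaped():
    """Escapes each stored value at output time, for the HTML context it
    lands in, so the browser treats it as text rather than markup."""
    items = []
    for c in COMMENTS:
        author = html.escape(c["author"], quote=True)   # attribute context
        body = html.escape(c["body"], quote=False)      # element text context
        items.append(f'<li title="{author}">{body}</li>')
    return "".join(items)

# Constructed sample input: one benign comment, one carrying markup in both
# the attribute-bound field and the body field.
save_comment("alice", "Nice post!")
save_comment('x" onmouseover="alert(1)', "<script>alert(1)</script>")

if __name__ == "__main__":
    print("vulnerable:", render_vulnerable())
    print("escaped:   ", render_escaped())
```

The attribute-context case matters as much as the `<script>` case: without quote escaping, the author field breaks out of `title="..."` and adds an event handler even though it contains no angle brackets.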

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.

If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth.

If the victim is an administrative account, CSRF can compromise the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites immediately.

The official WordPress announcement stated:

“This release includes several security fixes. Because this is a security release, it is recommended that you update your sites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero