WordPress Hit With Multiple Vulnerabilities In Variations Prior To 6.0.3

Posted by

WordPress released a security release to address several vulnerabilities found in variations of WordPress prior to 6.0.3. WordPress likewise updated all versions given that WordPress 3.7.

Cross Website Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of several vulnerabilities impacting WordPress.

There are multiple sort of vulnerabilities affecting WordPress, consisting of a type referred to as a Cross Website Scripting, typically referred to as XSS.

A cross website scripting vulnerability normally emerges when a web application like WordPress doesn’t properly check (sanitize) what is input into a type or submitted through an upload input.

An opponent can send out a malicious script to a user who goes to the website which then carries out the harmful script, thereupon supplying sensitive details or cookies consisting of user qualifications to the opponent.

Another vulnerability found is called a Kept XSS, which is typically thought about to be worse than a routine XSS attack.

With a stored XSS attack, the harmful script is stored on the site itself and is carried out when a user or logged-in user goes to the site.

A third kind vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Job (OWASP) security website describes this type of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that requires an end user to execute unwanted actions on a web application in which they’re presently validated.

With a little aid of social engineering (such as sending out a link via email or chat), an aggressor may fool the users of a web application into executing actions of the opponent’s picking.

If the victim is a regular user, an effective CSRF attack can require the user to perform state altering requests like moving funds, changing their email address, etc.

If the victim is an administrative account, CSRF can jeopardize the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS through wp-mail. php (post by e-mail)
  2. Open reroute in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail. php
  4. Media Library– Shown XSS by means of SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback. php
  6. Stored XSS through the Customizer
  7. Revert shared user circumstances introduced in 50790
  8. Kept XSS in WordPress Core by means of Comment Modifying
  9. Data direct exposure by means of the REST Terms/Tags Endpoint
  10. Content from multipart e-mails dripped
  11. SQL Injection due to incorrect sanitization in ‘WP_Date_Query ‘RSS Widget: Saved XSS concern
  12. Stored XSS in the search block
  13. Feature Image Block: XSS issue
  14. RSS Block: Saved XSS issue
  15. Repair widget block XSS

Advised Action

WordPress advised that all users update their sites immediately.

The official WordPress statement mentioned:

“This release includes a number of security fixes. Since this is a security release, it is suggested that you update your sites right away.

All versions considering that WordPress 3.7 have also been updated.”

Check out the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Included image by Best SMM Panel/Asier Romero