WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Federal Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress.

There are several kinds of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability generally arises when a web application like WordPress doesn’t properly check (sanitize) what is entered into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website explains this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to carry out unwanted actions on a web application in which they’re currently authenticated.

With a little assistance of social engineering (such as sending out a link through e-mail or chat), an attacker may deceive the users of a web application into executing actions of the attacker’s choosing.

If the victim is a typical user, an effective CSRF attack can require the user to perform state changing requests like moving funds, changing their e-mail address, and so forth.

If the victim is an administrative account, CSRF can compromise the entire web application.”

These are the vulnerabilities discovered:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Recommended Action

WordPress recommended that all users update their sites immediately.

The official WordPress announcement stated:

“This release includes a number of security repairs. Due to the fact that this is a security release, it is advised that you update your sites instantly.

All versions since WordPress 3.7 have likewise been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero