WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3

WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. WordPress also updated all versions since WordPress 3.7.

Cross-Site Scripting (XSS) Vulnerability

The U.S. Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type known as Cross-Site Scripting, commonly referred to as XSS.

A cross-site scripting vulnerability typically arises when a web application like WordPress doesn’t properly check (sanitize) what is input into a form or uploaded through an upload input.

An attacker can send a malicious script to a user who visits the site, which then executes the malicious script, thereby providing sensitive information or cookies containing user credentials to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered to be worse than a regular XSS attack.

With a stored XSS attack, the malicious script is stored on the website itself and is executed when a user or logged-in user visits the website.

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) security website describes this kind of vulnerability:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to carry out unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link via e-mail or chat), an attacker may fool the users of a web application into executing actions of the attacker’s choosing.

If the victim is a typical user, an effective CSRF attack can require the user to carry out state changing requests like moving funds, altering their e-mail address, and so forth.

If the victim is an administrative account, CSRF can compromise the whole web application.”

These are the vulnerabilities found:

  1. Stored XSS via wp-mail.php (post by email)
  2. Open redirect in ‘wp_nonce_ays’
  3. Sender’s email address is exposed in wp-mail.php
  4. Media Library – Reflected XSS via SQLi
  5. Cross-Site Request Forgery (CSRF) in wp-trackback.php
  6. Stored XSS via the Customizer
  7. Revert shared user instances introduced in 50790
  8. Stored XSS in WordPress Core via Comment Editing
  9. Data exposure via the REST Terms/Tags Endpoint
  10. Content from multipart emails leaked
  11. SQL Injection due to improper sanitization in ‘WP_Date_Query’
  12. RSS Widget: Stored XSS issue
  13. Stored XSS in the search block
  14. Feature Image Block: XSS issue
  15. RSS Block: Stored XSS issue
  16. Fix widget block XSS

Suggested Action

WordPress advised that all users upgrade their websites immediately.

The official WordPress announcement stated:

“This release features numerous security repairs. Since this is a security release, it is suggested that you update your websites immediately.

All versions since WordPress 3.7 have also been updated.”
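
One way to triage installs against the advice above, added here as an example and not taken from WordPress or from the original article: it reads the `$wp_version` assignment from a copy of `wp-includes/version.php` and sorts the install using the two version facts the article gives (6.0.3 and 3.7). The function names, status labels and sample file contents are assumptions made for illustration.

```python
import re

# Facts from the article: 6.0.3 is the fixed release, and every branch back to
# 3.7 also received an update. The per-branch fixed version numbers are not in
# the article, so they are deliberately not encoded here.
FIXED = (6, 0, 3)
OLDEST_UPDATED_BRANCH = (3, 7)

# wp-includes/version.php sets the core version like: $wp_version = '6.0.2';
VERSION_RE = re.compile(r"^\s*\$wp_version\s*=\s*['\"]([^'\"]+)['\"]\s*;", re.M)


def parse_wp_version(version_php):
    """Return (major, minor, patch) from the text of version.php, or None."""
    m = VERSION_RE.search(version_php)
    if not m:
        return None
    # Only plain release numbers are classified; development builds such as
    # '6.1-beta3' return None because their patch state cannot be inferred.
    nums = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?", m.group(1))
    if not nums:
        return None
    return tuple(int(n or 0) for n in nums.groups())


def triage(version_php):
    """Classify one install against the 6.0.3 security release."""
    v = parse_wp_version(version_php)
    if v is None:
        return "unknown"        # file unreadable, modified, or a dev build
    if v >= FIXED:
        return "patched"
    if v[:2] == FIXED[:2]:
        return "update-now"     # 6.0.0 to 6.0.2
    if v[:2] >= OLDEST_UPDATED_BRANCH:
        return "check-branch"   # compare with that branch's own security release
    return "not-covered"        # article mentions no update before 3.7


# Constructed sample file contents, not taken from real sites.
SAMPLES = {
    "shop": "<?php\n$wp_version = '6.0.2';\n",
    "blog": "<?php\n$wp_version = '6.0.3';\n",
    "legacy": "<?php\n$wp_version = '5.8';\n",
    "museum": "<?php\n$wp_version = '3.6.1';\n",
    "broken": "<?php // file truncated\n",
}

if __name__ == "__main__":
    for site, text in SAMPLES.items():
        print(f"{site:8} {triage(text)}")
```

A "check-branch" result means the install is on an older branch that received its own update, so it has to be compared with that branch's security release rather than with 6.0.3.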

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497

Featured image by Best SMM Panel/Asier Romero