WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3 via @sejournal, @martinibuster


WordPress announced a security release to fix more than a dozen vulnerabilities of varying severity


WordPress published a security release to address multiple vulnerabilities discovered in versions of WordPress prior to 6.0.3. The fixes were also applied to all versions since WordPress 3.7.

Cross Site Scripting (XSS) Vulnerability

The U.S. government's National Vulnerability Database (NVD) published advisories for multiple vulnerabilities affecting WordPress.

There are multiple kinds of vulnerabilities affecting WordPress, including a type known as Cross Site Scripting, often referred to as XSS.

A cross site scripting vulnerability typically arises when a web application like WordPress doesn't properly check (sanitize) what is entered into a form or uploaded through a file input before storing it or displaying it on a page.

An attacker can deliver a malicious script that runs in the browser of a user who visits the site; the script can then send sensitive information, or cookies containing the user's credentials, to the attacker.

Another vulnerability discovered is called a Stored XSS, which is generally considered worse than a regular (reflected) XSS attack.

With a stored XSS attack, the malicious script is saved on the website itself (for example in a comment or a widget setting) and executes for every visitor who loads the affected page, including logged-in users.
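The following is an added example, not code from the article or from WordPress core, showing the mechanism the two paragraphs above describe: a stored comment rendered into HTML without escaping executes as script, while the same comment escaped at output time is shown as harmless text. It is plain PHP with no WordPress dependency; the function names are this example's own, and the sample comment is constructed. WordPress itself escapes output with esc_html(), esc_attr() and esc_url(), and additionally filters the HTML allowed in comments with wp_kses() on the way in; this example shows the output-escaping half of that defence.

```php
<?php
// Added example (not from the article or WordPress core): how a stored XSS
// arises from unescaped output and how output escaping neutralises it.
// Plain PHP, no WordPress dependency; helper names are this example's own.

/** Constructed sample: a comment as it might have been saved to the database. */
const SAMPLE_COMMENT = 'Nice post! <script>alert(1)</script>';

/**
 * Vulnerable rendering: the stored comment is concatenated straight into the
 * page, so the browser parses the <script> tag and runs it for every visitor.
 */
function render_comment_vulnerable(string $comment): string
{
    return '<p class="comment">' . $comment . '</p>';
}

/**
 * Hardened rendering: the comment is HTML-escaped at output time, so the browser
 * displays the tag as literal text. ENT_QUOTES also escapes single and double
 * quotes, which matters when a value lands inside an HTML attribute; this is
 * the role esc_html() / esc_attr() play in WordPress.
 */
function render_comment_safe(string $comment): string
{
    return '<p class="comment">'
        . htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</p>';
}

/** Detection helper: does the rendered HTML still contain a live <script> tag? */
function contains_script_tag(string $html): bool
{
    return (bool) preg_match('/<script\b/i', $html);
}

// Walkthrough on the constructed comment. In a real site $stored would come
// back from the database, which is exactly why escaping must happen at output.
$stored = SAMPLE_COMMENT;

echo "vulnerable: ", render_comment_vulnerable($stored), "\n";
echo "escaped:    ", render_comment_safe($stored), "\n";

echo "script tag survives (vulnerable): ",
    contains_script_tag(render_comment_vulnerable($stored)) ? 'yes' : 'no', "\n";
echo "script tag survives (escaped):    ",
    contains_script_tag(render_comment_safe($stored)) ? 'yes' : 'no', "\n";
```

Run it with `php xss_escaping.php`. The point of checking `contains_script_tag()` on both outputs is that the data itself is unchanged in the database; only the rendering differs, which is why a site that relied on input filtering alone remains exposed if any code path prints stored content raw.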

A third kind of vulnerability discovered is called a Cross-Site Request Forgery (CSRF).

The non-profit Open Web Application Security Project (OWASP) describes this kind of vulnerability on its website:

“Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.

If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth.

If the victim is an administrative account, CSRF can compromise the entire web application.”
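The following is an added example, not code from the article, from OWASP or from WordPress core, of the anti-CSRF token pattern that defeats the forged request OWASP describes above. It is plain PHP using a per-session random token, with the session and form data represented as arrays so it runs offline; the function and field names are this example's own. WordPress implements the same idea with wp_nonce_field() and wp_verify_nonce() (and check_admin_referer() for admin forms).

```php
<?php
// Added example (not from the article, OWASP or WordPress core): a per-session
// anti-CSRF token. A page on another origin cannot read the victim's session or
// page, so a forged request cannot carry the right token.
// Helper and field names are this example's own.

const CSRF_SESSION_KEY = 'csrf_token';   // example's own session key name

/** Issue (or reuse) a random per-session token. */
function csrf_token(array &$session): string
{
    if (empty($session[CSRF_SESSION_KEY])) {
        // 32 CSPRNG bytes, hex-encoded so the value is safe inside an attribute.
        $session[CSRF_SESSION_KEY] = bin2hex(random_bytes(32));
    }
    return $session[CSRF_SESSION_KEY];
}

/** Hidden field to embed in every state-changing form (cf. wp_nonce_field()). */
function csrf_field(array &$session): string
{
    return '<input type="hidden" name="_token" value="'
        . htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8') . '">';
}

/**
 * Verify the submitted token (cf. wp_verify_nonce()). hash_equals() compares in
 * constant time so the check does not leak the token through timing.
 */
function csrf_verify(array $session, array $post): bool
{
    $expected = $session[CSRF_SESSION_KEY] ?? '';
    $given    = $post['_token'] ?? '';
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

/** The protected state-changing handler: refuse unless the token matches. */
function handle_change_email(array $session, array $post): string
{
    if (!csrf_verify($session, $post)) {
        return 'rejected: missing or invalid CSRF token';
    }
    // ... the real handler would update the stored e-mail address here ...
    $email = htmlspecialchars($post['email'] ?? '', ENT_QUOTES, 'UTF-8');
    return 'ok: e-mail changed to ' . $email;
}

// Constructed walkthrough, no HTTP involved. $session stands in for $_SESSION,
// $post for $_POST.
$session = [];
$form = csrf_field($session);   // rendered into the legitimate settings form
echo "form field: ", $form, "\n";

// Legitimate submission: the browser sends back the token the page rendered.
echo handle_change_email($session, [
    'email'  => 'me@example.com',
    '_token' => $session[CSRF_SESSION_KEY],
]), "\n";

// Forged cross-site submission: the attacker's page cannot know the token,
// so the request arrives without it (or with a guess) and is rejected.
echo handle_change_email($session, ['email' => 'attacker@example.com']), "\n";
```

The token is bound to the session rather than to the form, so every state-changing endpoint on the site can reuse the same check; WordPress nonces go further by also tying the value to the user and to an action name, which is what limits the damage when one nonce leaks.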

These are the vulnerabilities discovered:

Stored XSS via wp-mail.php (post by email)

Open redirect in `wp_nonce_ays`

Sender's email address is exposed in wp-mail.php

Media Library: Reflected XSS via SQLi

Cross-Site Request Forgery (CSRF) in wp-trackback.php

Stored XSS via the Customizer

Revert shared user instances introduced in 50790

Stored XSS in WordPress Core via Comment Editing

Data exposure via the REST Terms/Tags Endpoint

Content from multipart emails leaked

SQL Injection due to improper sanitization in `WP_Date_Query`

RSS Widget: Stored XSS issue

Stored XSS in the search block

Feature Image Block: XSS issue

RSS Block: Stored XSS issue

Fix widget block XSS

Recommended Action

WordPress recommended that all users update their websites immediately.

The official WordPress announcement stated:

“This release features several security fixes. Because this is a security release, it is recommended that you update your sites immediately.

All versions since WordPress 3.7 have also been updated.”

Read the official WordPress announcement here:

WordPress 6.0.3 Security Release

Read the National Vulnerability Database entries for these vulnerabilities:

CVE-2022-43504

CVE-2022-43500

CVE-2022-43497


Roger Montti (SEJ staff), owner of Martinibuster.com

Roger Montti is a search marketer with over 20 years of experience. I offer site audits, phone consultations and content and ...
