WordPress has issued a new security release, the WordPress 4.7.3 release, that addresses six security flaws, including three cross-site scripting (XSS) vulnerabilities. The flaws were discovered by the security experts Chris Andrè Dale, Yorick Koster, Simon P. Briggs, Marc Montpas and a user that goes online with the moniker “Delta.”
The XSS vulnerabilities can be exploited via media file metadata, video URLs in YouTube embeds, and taxonomy term names.
Below the list of vulnerabilities addressed by the WordPress 4.7.3 release:
It is interesting to note that both CSRF and XSS flaws were discovered in July 2016 during the Summer of Pwnage competition organized by the security firm Securify. The researchers released proof-of-concept (PoC) code to exploit both issues.
According to Koster, who spotted the vulnerabilities in the playlist functionality, the attacker needs to convince an editor or administrator into uploading an MP3 file containing specially crafted metadata. Using this trick the attacker’s malicious code attacker’s code will be executed when the metadata is processed by the renderTracks() or wp_playlist_shortcode() functions.
However, there is a CSRF vulnerability in WordPress that still has not been patched, the flaw was discovered in July 2016 and the details for the exploitation were not disclosed.
The flaw could be exploited by an attacker to steal FTP and SSH login credentials.
The security expert Cengiz Han Sahin explained this vulnerability may have a high impact, but the probability of exploitation is low.
[adrotate banner=”9″]
(Security Affairs – WordPress 4.7.3, hacking)
Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…
Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…
Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…
Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…
The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…
This website uses cookies.