The Researcher Tim Coen discovered several cross-site scripting (XSS) vulnerabilities in the CMS. One of the flaws is caused by the ability of contributors to edit new comments from users with higher privileges.
Coen also discovered that it is possible to trigger XSS flaws by using specially crafted URL input against some plugins.
Coen along with the researcher Slavco Mihajloski discovered an XSS vulnerability that allows authors on websites running on Apache servers to upload specially crafted files that bypass the MIME verification.
“Prior to 5.0.1, WordPress did not require uploaded files to pass MIME type verification, so files could be uploaded even if the contents didn’t match the file extension. For example, a binary file could be uploaded with a .jpg extension,” wrote WordPress developer Ian Dunn. “This is no longer the case, and the content of uploaded files must now match their extension. Most valid files should be unaffected, but there may be cases when a file needs to be renamed to its correct extension (e.g., an OpenOffice doc going from .pptx to .ppxs).”
Another flaw discovered by experts at Yoast affects some uncommon configurations and causes the user activation screen being indexed by search engines. This could lead the exposure of email addresses and some default passwords in “some rare cases.”
Karim El Ouerghemmi discovered that security issues allows authors to alter metadata and delete files that they normally would not be authorized to delete.
Security expert Sam Thomas discovered that contributors could use specially crafted metadata for PHP object injection.
The last flaw was discovered by Simon Scannell from RIPS Technologies, il could be exploited by authors using specially crafted input to create posts of unauthorized types.
Security updates that addressed the above flaws have been released for WordPress 4.9 and older releases. Version 5.0 already includes the fixes.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs –WordPress, security)
[adrotate banner="5"]
[adrotate banner="13"]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.