Pierluigi Paganini January 13, 2017

According to the release notes the latest version of WordPress 4.7.1 addresses eight security vulnerabilities and other 62 bugs.

Wednesday the latest version of WordPress 4.7.1 was released by the WordPress Team, it is classified as a security release for all previous versions. According to the release notes, the new version addresses eight security flaws and other 62 bugs.

According to the WordPress team, the previous WordPress 4.7 release has been downloaded over 10 million times since its release on December 6, 2016.

The PHPMailer library was updated to patch a remote code execution (RCE) vulnerability, tracked as CVE-2016-10033. Aaron D. Campbell, WordPress Core developer, says that “No specific issue appears to affect WordPress or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release”.

The experts, Brian Krogsgard and Chris Jean, discovered that the REST API “exposed data on all users who had authored a post of a public post type.”

Source: “WordPress Security – Complete 17 Step Guide” 

The new version addresses two Cross-site scripting(XSS) vulnerabilities in the WordPress plugins.

“Cross-site scripting (XSS) via the plugin name or version header on update-core.php. Reported by Dominik Schilling of the WordPress Security Team.” reads the advisory.

The second XSS resides in the “theme name fallback” and was reported by Mehmet Ince.

Among the issues fixed by the WordPress Team, there are also two Cross-site request forgery (CSRF) vulnerabilities.

The CSRF bypass via uploading a Flash file was reported by Abdullah Hussam, while Ronnie Skansing reported a CSRF in the accessibility mode of widget editing.

The researchers explained that one of theme identified by Abdullah Hussam can be exploited via a specially crafted Flash file, while the other affects the accessibility mode of widget editing, reported by Ronnie Skansing.

The new release also fixes a weak cryptographic security related to multisite activation key discovered by Jack, the expert described it in a blog post.

Another issue was discovered by John Blackbourn of the WordPress Security Team, it is a post via email checks mail.example.com if default settings aren’t changed.

“Download WordPress 4.7.1 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.1” states the advisory.

A report recently issued by the security firm Sucuri claims that WordPress continues to be the most hacked CMS.

As explained in this article published weeks ago by Pierluigi Paganini, more than 8,800 WordPress Plugins out of 44,705 are flawed

“Security firm RIPS Technologies has analyzed 44,705 in the official WordPress plugins directory and discovered that more than 8,800 of them are flawed.”  states the post.

About the Author:@GranetMan

Granet is a young and Junior IT Security Researcher, he is passionate in Linux, Arduino, Digital Forensics, Cyber Security, Free software and Malware Analysis

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – WordPress 4.7.1, hacking)