A malicious vulnerability has been found in WordPress


Techarticles.Me – A malicious vulnerability has been found in WordPress. Analysts from the FortiGuard laboratory have discovered a vulnerability in the world’s most popular CMS (Content Management System), WordPress, which powers a third of all websites.

The vulnerability detected by the Fortinet analysts is a zero-day, that is, one unknown to the software vendor until it is published. It affects WordPress versions 5.0 to 5.04, 5.1 and 5.1.1.

The stored Cross-Site Scripting (XSS) vulnerability is caused by the Gutenberg editor newly bundled with version 5.0, which does not filter JavaScript/HTML code before it reaches the browser of a user viewing the affected website. Fortinet notified WordPress of the finding, and WordPress has released the corresponding patches. Users of all affected WordPress versions are encouraged to upgrade to the latest version or to download the patch immediately.

How it works

In WordPress version 5.0, users can add blocks containing HTML snippets to posts. When certain characters, such as “<”, are added and the post is then reopened, WordPress shows an error message and offers a preview in which the escaped “<” is decoded back into the literal “<” character. The XSS filter in this preview can easily be bypassed, for example with the proof-of-concept code published by Fortinet, which demonstrates the vulnerability: `"><img src=1 onerror=prompt(1)>`. When a victim views such a post, this XSS code executes in their browser.

If the victim has administrator privileges, criminals could use this vulnerability to take over an administrator account or to reach WordPress’s built-in functionality and, consequently, to gain control of the server. For example, an attacker could host a JavaScript file on their own web server whose code creates a WordPress administrator account with the user name “attacker” and the password “attacker”, and then load it through correctly crafted injected JavaScript. As soon as a victim with high privileges views the post, the “attacker” account with administrator privileges is created.
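To illustrate the filtering step the article says the Gutenberg preview skipped, here is an added example (not WordPress or Fortinet code) in Python: a small kses-style allowlist filter that drops event-handler attributes and re-escapes text such as a decoded “<”, run against the proof-of-concept markup quoted above. The tag/attribute allowlist and the accepted URL prefixes are assumptions chosen for this example.

```python
from html.parser import HTMLParser
import html

# Allowlist of tags and the attributes each may keep (assumption made for
# this example; WordPress's real kses rules are far larger).
ALLOWED = {"p": set(), "b": set(), "i": set(), "a": {"href", "title"},
           "img": {"src", "alt"}}
VOID_TAGS = {"img"}                       # never emit a closing tag
SAFE_PREFIXES = ("http://", "https://", "/")

# Proof-of-concept quoted in the article (constructed input, harmless prompt).
POC = '"><img src=1 onerror=prompt(1)>'


def unsafe_preview(fragment: str) -> str:
    """Mirrors the flawed preview: entities are decoded and the markup is
    handed to the browser untouched, so an onerror= handler survives."""
    return html.unescape(fragment)


class AllowlistFilter(HTMLParser):
    """Rebuilds a fragment keeping only allowlisted tags and attributes."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED:
            return                        # script, iframe, ... dropped whole
        kept = []
        for name, value in attrs:
            value = value or ""
            if name not in ALLOWED[tag]:
                continue                  # drops every on* event handler
            if name in ("href", "src") and not value.startswith(SAFE_PREFIXES):
                continue                  # drops javascript: URLs and bare "1"
            kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        # Text (including a decoded &lt;) is re-escaped, never emitted raw.
        self.out.append(html.escape(data, quote=False))


def sanitize(fragment: str) -> str:
    """Return a version of the fragment that is safe to embed in a preview."""
    f = AllowlistFilter()
    f.feed(fragment)
    f.close()
    return "".join(f.out)
```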

If you run a WordPress-based website, it is best to update the platform to the latest version, 5.2.3.

Source: Fortinet
