Security researchers reported the discovery of six serious vulnerabilities in WordPress. The vulnerabilities’ impact has been rated as “high”, meaning that patching as soon as possible is highly advisable.
Six WordPress Vulnerabilities Fixed in WordPress 5.2.4
According to Symantec’s security advisory, an attacker could leverage the flaws to execute arbitrary script code in the browser of a vulnerable user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks, as well as bypass certain security restrictions to perform unauthorized actions.
What WordPress versions are vulnerable to the flaws? Versions prior to WordPress 5.2.4 are vulnerable. The list of affected technologies included all versions between WordPress 3.0.1 and WordPress WordPress 5.2.3.
The good news is that WordPress 5.2.4 is already available, which addresses the six security issues.
Here’s a list of the vulnerabilities and the names of the researchers who discovered them:
- Evan Ricafort discovered an issue where stored XSS (cross-site scripting) could be added via the Customizer.
- J.D. Grimes found and disclosed a method of viewing unauthenticated posts.
- David Newman discovered a method to poison the cache of JSON GET requests via the Vary: Origin header.
- Eugene Kolodenker found a server-side request forgery in the way that URLs are validated.
- Ben Bidner of the WordPress Security Team discovered issues related to referrer validation in the admin.
The WordPress team has thanked the researchers privately disclosing the vulnerabilities, which gave them time to fix them before WordPress sites could be attacked.
It should be noted that the WordPress 5.2.4 version is “a short-cycle security release“, which be followed by a major release in version 5.3.
WordPress users can download WordPress 5.2.4 or visit Dashboard – Updates and click Update Now. Sites that support automatic background updates have already started to update automatically, the WordPress team noted.