Wednesday, 11 July 2018

An extraordinary update for WordPress eliminated two critical vulnerabilities

WordPress developers released an extraordinary update for their CMS (4.9.7), which fixed two critical vulnerabilities and nearly two dozen other problems.

In late July 2018, RIPS specialists told about a new vulnerability in WordPress. The detected problem was related to the fact that any registered user (even the User or Author rights), having access to the record editor, can also download and delete images and previews for them. As a result, such a user is able to introduce arbitrary malicious code into WordPress and remove critical files for CMS, which in normal conditions should be available only to the administrator on the server or via FTP.

WordPress- content management system for the site with open source; written in PHP; database server - MySQL; released under the GNU GPL license version 2. The scope - from blogs to fairly complex news resources and online stores. The built-in system of "themes" and "plugins" together with a successful architecture allows you to design projects of broad functional complexity.



Researchers warned that exploiting this bug, an attacker, for example, could delete the wp-config.php file. After that, he gets the opportunity to re-initiate the installation process of the CMS, using his own settings and, for example, to force a vulnerable site to distribute malware or other malicious content.


When the issue was publicly announced, there was no patch for this gap, although it was reported that WordPress developers were informed about the bug in November of last year.

A dangerous vulnerability was decided in detail by the experts of Wordfence, who developed a PoC exploit to study the attack and the corresponding protective rule for their firewall. This analysis revealed a second, "adjacent" vulnerability, which is also critical and allowed to delete arbitrary CMS files due to the incorrect work of the AJAX ekshena upload-attachment, which is used to download media content.

The efforts of Wordfence specialists were not in vain. WordPress developers did not plan to release the update before the end of July, but the potential danger of the detected bugs still made them change their plans. Now, all users are recommended to update WordPress as soon as possible to the latest version 4.9.7, because critical vulnerabilities pose a threat to all versions of CMS, including WordPress 4.9.6.

Home News WordPress An extraordinary update for WordPress eliminated two critical vulnerabilities

Tags : , , , , ,

Follow us

Follow.NOETIKOS

Узнайте стоимость поддержки вашего проекта

Получить предложение

Или заполните бриф на заказ услуг

Заполнить бриф