
WordPress 4.7.5 Patches Six Vulnerabilities

WordPress 4.7.5 patches six vulnerabilities affecting version 4.7.4 and earlier, including cross-site scripting (XSS), cross-site request forgery (CSRF), and server-side request forgery (SSRF) flaws.

The CSRF flaw patched in the latest WordPress release was reported by Yorick Koster of Netherlands-based Securify. The security hole was discovered in the summer of 2016 as part of a WordPress hacking competition run by Securify, but it was patched only now by WordPress developers.

“This vulnerability can be used to overwrite the FTP or SSH connection settings of the affected WordPress site. An attacker can use this issue to trick an Administrator into logging into the attacker’s FTP or SSH server, disclosing his/her login credentials to the attacker,” Securify wrote in its advisory.

The SSRF flaw, reported by Ronni Skansing and tracked as CVE-2017-9066, has been described by WordPress developers as insufficient redirect validation in the HTTP class. The researcher said the details of the vulnerability and proof-of-concept (PoC) code will soon be made available on the HackerOne platform.
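The article describes the SSRF bug only as "insufficient redirect validation in the HTTP class", and the PoC had not been published at the time of writing. The following is an added illustration of that flaw class in general, not WordPress's code and not the details of CVE-2017-9066: an HTTP fetcher that validates the caller-supplied URL but then follows a redirect without re-checking the new target can be steered to loopback or private addresses. The fake DNS table, the canned responses and the `fetch_url` / `is_allowed_url` names are all constructed for this example so it runs offline.

```python
import ipaddress
from urllib.parse import urlparse, urljoin

# Constructed stand-in for DNS so the example never touches the network.
FAKE_DNS = {
    "example.com": "93.184.216.34",   # a public address
    "localhost": "127.0.0.1",
}

# Constructed stand-in for a web server: URL -> (status, Location header, body).
FAKE_RESPONSES = {
    "http://example.com/start": (302, "http://127.0.0.1:8080/admin", b""),
    "http://127.0.0.1:8080/admin": (200, None, b"internal admin page"),
    "http://example.com/ok": (302, "/final", b""),
    "http://example.com/final": (200, None, b"public page"),
}

REDIRECT_CODES = {301, 302, 303, 307, 308}


def resolve(host: str):
    """Return the IP for a host: IP literals pass through, names use FAKE_DNS."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        return FAKE_DNS.get(host)


def is_allowed_url(url: str) -> bool:
    """Allow only http(s) URLs whose resolved address is globally routable."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or parts.hostname is None:
        return False
    ip = resolve(parts.hostname)
    if ip is None:
        return False
    addr = ipaddress.ip_address(ip)
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_reserved or addr.is_multicast or addr.is_unspecified)


def fetch_url(url: str, validate_each_hop: bool, max_hops: int = 5):
    """Follow redirects against FAKE_RESPONSES.

    Returns (final_url, body), or None when a URL is blocked or the hop limit
    is reached. With validate_each_hop=False only the initial URL is checked,
    which is the weakness: a public host can redirect the fetcher inward.
    """
    if not is_allowed_url(url):
        return None
    for _ in range(max_hops):
        status, location, body = FAKE_RESPONSES[url]
        if status in REDIRECT_CODES and location:
            url = urljoin(url, location)          # Location may be relative
            if validate_each_hop and not is_allowed_url(url):
                return None                       # re-check every hop
            continue
        return url, body
    return None


if __name__ == "__main__":
    print(fetch_url("http://example.com/start", validate_each_hop=False))  # reaches 127.0.0.1
    print(fetch_url("http://example.com/start", validate_each_hop=True))   # None (blocked)
    print(fetch_url("http://example.com/ok", validate_each_hop=True))      # public page
```

Checking the hostname alone is not enough in a real client: the name must be resolved and the connection made to that same resolved address, otherwise a second lookup at connect time can return a different (internal) address. A production fetcher should also cap the number of hops and apply the same check to every scheme it is willing to speak.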

Skansing was also credited for reporting an XSS flaw related to uploading very large files. An XSS bug was also found by Weston Ruter of the WordPress security team in the Customizer feature.

Another member of the WordPress security team, Ben Bidner, identified an issue related to lack of capability checks for post metadata in the XML-RPC API. WordPress 4.7.5 also patches a different vulnerability in the same API.

WordPress announced this week the launch of a public bug bounty program covering the WordPress CMS, BuddyPress, bbPress and GlotPress. Researchers are also invited to report flaws discovered in the WordPress.org, WordCamp.org, BuddyPress.org, WordPress.tv, bbPress.org and Jobs.WordPress.net websites.

Seven researchers, including Skansing, had already earned more than $3,700 by the time the public bug bounty program was announced.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.