WordPress 5.8.3 To Address 4 Vulnerabilities

WordPress 5.8.3 Release for Vulnerabilities

VTA-00402 – WordPress 5.8.3 To Address 4 Vulnerabilities 

The Story:
The WordPress development team released WordPress version 5.8.3 to address four vulnerabilities, two of which are rated as high severity. The set includes an SQL injection on WP_Query, a blind SQL injection via the WP_Meta_Query, an XSS attack via the post slugs, and an admin object injection. Sites using WordPress 5.8.2 or older, with read-only filesystems that have disabled automatic core updates in wp-config.php, could be vulnerable to attacks based on the identified flaws.

The four vulnerabilities addressed with the latest security updates are the following:
1. CVE-2022-21661: (CVSS score 8.0) SQL injection via WP_Query. This flaw is exploitable via plugins and themes that use WP-Query.
2. CVE-2022-21662: (CVSS score 8.0) XSS vulnerability allowing authors (lower privilege users) to add a malicious backdoor or take over a site by abusing post slugs.
3. CVE-2022-21664: (CVSS score 7.4) SQL injection via the WP_Meta_Query core class.
4. CVE-2022-21663: (CVSS score 6.6) Object injection issue that can only be exploited if a threat actor has compromised the admin account.


Attack Surfaces:
Web Application

Execution, Impact, Initial Access

SQL injection, XSS attack via post slugs, admin object injection

Active Defense Tactics:
Detect, Disrupt

Active Defense Techniques:
Security Controls, Software Manipulation

SuperPRO’s Threat Countermeasures Procedures:
1. It is recommended to upgrade to version 5.8.3, review firewall configuration, and ensure that WP core updates are activated.
2. The setting can be seen on the ‘define’ parameter in wp-config.php, which should be “define(‘WP_AUTO_UPDATE_CORE’, true );”

Are your Endpoints secured? Scan your Endpoints now:
1. Register account on Open Threat Exchange (OTX).
2. Download the OTX Endpoint Security.
3. Subscribe to Provintell-Lab’s OTX pulses. 
4. Scan your endpoint for the presence of the IOCs. It’s FREE!

Contributed by: Jyao

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>