
WordPress XXE injection vulnerability could allow attackers to remotely steal host files




Jessica Haworth

27 April 2021 at 15:01 UTC

Updated: 27 April 2021 at 15:06 UTC

Researchers publish technical details of a bug that was fixed in the latest security release


An XML External Entity (XXE) injection bug in WordPress could allow attackers to remotely steal a victim's files, researchers have revealed.

Security researchers at SonarSource, who discovered the vulnerability, published a blog post today (April 27) that provides technical details on the now-patched bug.


An XXE vulnerability allows an attacker to interfere with an application's processing of XML data. This can enable them to read files on the application server's filesystem and interact with any back-end or external systems that the application itself can access.

In this case, the XXE bug was present in WordPress versions 5.7 and below, and could allow remote arbitrary file disclosure and server-side request forgery (SSRF).
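The file disclosure and SSRF impact described above comes from an XML parser that honours entities declared in a document's DOCTYPE. As an added example (not code from WordPress or from SonarSource's post), here is a Python parser for untrusted XML, built on the standard library's expat binding, that refuses any entity declaration, never expands parameter entities, and reports the attempt so an upload pipeline can log it. The XML samples, the file path and the hostname in it are constructed placeholders.

```python
"""Hardened parsing of untrusted XML (e.g. XML metadata embedded in an
uploaded media file). Added example, not WordPress or SonarSource code;
standard library only."""
import xml.parsers.expat as expat


class XXEBlocked(Exception):
    """Raised when a document declares or references an entity."""


def parse_untrusted_xml(data: bytes) -> dict:
    """Parse `data` into a minimal {tag, attrs, text, children} tree.

    Any entity declared in the DOCTYPE (internal or external, general or
    parameter) aborts parsing with XXEBlocked, so a file-disclosure or SSRF
    attempt surfaces as an auditable event instead of being resolved.
    """
    parser = expat.ParserCreate()
    # Never expand parameter entities; this also blocks external DTD loading.
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_entity_decl(name, is_param, value, base, system_id, public_id, notation):
        kind = "external" if system_id is not None else "internal"
        raise XXEBlocked(f"{kind} entity declaration '{name}' rejected")

    def on_external_ref(context, base, system_id, public_id):
        # Returning 0 makes expat fail instead of resolving the reference.
        return 0

    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_ref

    root = {"tag": None, "attrs": {}, "text": "", "children": []}
    stack = [root]

    def start(tag, attrs):
        node = {"tag": tag, "attrs": attrs, "text": "", "children": []}
        stack[-1]["children"].append(node)
        stack.append(node)

    def end(tag):
        stack.pop()

    def chars(text):
        # Character data may arrive in several chunks; concatenate them.
        stack[-1]["text"] += text

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars
    parser.Parse(data, True)
    return root["children"][0]


def check_upload(data: bytes) -> tuple:
    """Classify an uploaded XML blob for a logging/detection pipeline.

    Returns (accepted, reason); `reason` is a short string fit for a log line.
    """
    try:
        parse_untrusted_xml(data)
    except XXEBlocked as exc:
        return (False, f"xxe-attempt: {exc}")
    except expat.ExpatError as exc:
        return (False, f"malformed: {exc}")
    return (True, "ok")


# Constructed samples (placeholder path and hostname, not real targets).
BENIGN_XML = (b"<?xml version='1.0'?><meta><title>holiday.wav</title>"
              b"<artist>demo</artist></meta>")
EXTERNAL_ENTITY_XML = (b"<?xml version='1.0'?><!DOCTYPE meta [<!ENTITY ext SYSTEM "
                       b"'file:///placeholder/secret.txt'>]><meta>&ext;</meta>")
PARAMETER_ENTITY_XML = (b"<?xml version='1.0'?><!DOCTYPE meta [<!ENTITY % dtd SYSTEM "
                        b"'http://placeholder.invalid/x.dtd'> %dtd;]><meta/>")
INTERNAL_ENTITY_XML = (b"<?xml version='1.0'?><!DOCTYPE meta [<!ENTITY inner 'hi'>]>"
                       b"<meta>&inner;</meta>")

if __name__ == "__main__":
    for sample in (BENIGN_XML, EXTERNAL_ENTITY_XML, PARAMETER_ENTITY_XML, INTERNAL_ENTITY_XML):
        print(check_upload(sample))
```

The design choice is to reject rather than silently ignore: expat itself never fetches external resources, but a parser that merely skips the declaration gives an incident responder nothing to see. The same principle applies to PHP's libxml-based parsers that WordPress uses: treat any entity declaration in upload-derived XML as a rejection-worthy event rather than relying on the parser's default entity handling.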

Restrictions

The blog post caveats that the issue is only present on systems running an affected WordPress installation on PHP 8.

“Additionally, the permissions to upload media files are needed,” SonarSource researchers explained in the blog post.


“On a standard WordPress installation this translates to having author privileges. However, combined with another vulnerability or a plugin allowing visitors to upload media files, it could be exploited with lower privileges.”

The researchers disclosed the vulnerability to the WordPress security team, who fixed it in the latest version (5.7.1) and assigned CVE-2021-29447.

Fix

WordPress, the world's most popular content management software, powers around 40% of all websites in use, making it a clear target for malicious actors.

Fortunately, thanks to ongoing security work by the maintainers of the open source CMS, many sites running WordPress will now auto-update.

Web admins who do not have this feature enabled can update via their WordPress admin dashboard.
