WordPress 5.0 to 5.0.1

WordPress 5.0 and its vulnerabilities found in the first week of release

The long-awaited WordPress version 5.0 finally became available on December 6, 2018. Some users awaited this version with apprehension, while others feared changes such as the Gutenberg editor. Either way, the new version is here, and it gave security professionals excellent motivation to re-check the security of the system.

New WordPress version – old vulnerabilities

Just seven days after the release of version 5.0, WordPress received a new security update, WordPress 5.0.1, which applies to all versions since WordPress 3.7. It is a mistake to believe that all of the freshly discovered vulnerabilities are related only to the latest version, WordPress 5.0. Here is the list of vulnerabilities fixed in the WordPress 5.0.1 security release (updated versions of 4.9 and older releases are also available for users who have not yet upgraded to 5.0):

  • Karim El Ouerghemmi discovered that authors could alter metadata to delete files that they weren’t authorized to.
  • Simon Scannell of RIPS Technologies discovered that authors could create posts of unauthorized post types with specially crafted input.
  • Sam Thomas discovered that contributors could craft metadata in a way that resulted in PHP object injection.
  • Tim Coen discovered that contributors could edit new comments from higher-privileged users, potentially leading to a Cross-Site Scripting vulnerability.
  • Tim Coen also discovered that specially crafted URL inputs could lead to a Cross-Site Scripting vulnerability in some circumstances. WordPress itself was not affected, but plugins could be in some situations.
  • Team Yoast discovered that the user activation screen could be indexed by search engines in some uncommon configurations, leading to exposure of email addresses, and in some rare cases, default generated passwords.
  • Tim Coen and Slavco discovered that authors on Apache-hosted sites could upload specifically crafted files that bypass MIME verification, leading to a Cross-Site Scripting vulnerability.

All of these vulnerabilities have been added to our database of WordPress vulnerabilities. We highly recommend updating your websites to the fixed versions of WordPress to avoid security incidents.

Darius S.
