Cybersecurity Announcement: WordPress Releases Patch for High Severity SQL Injection Vulnerability
Cybersecurity Announcement: WordPress Releases Patch for High Severity SQL Injection Vulnerability
About the Event
WordPress has released version 6.0.2. This security and maintenance release contains patches for 3 vulnerabilities, including a high severity SQL Injection vulnerability in the Links functionality (CVSS Score of 8.0), as well as two Medium Severity Cross-Site Scripting vulnerabilities.
Actions to Consider
Cybersecurity recommends patching your sites within the next 30 days. Patched versions are available for every major version of WordPress since 3.7, so you can update without risking compatibility issues. If your site has not been updated automatically we recommend updating manually.
Event Impact
For the SQL Injection vulnerability, prior versions of WordPress failed to successfully sanitize the limit argument of the link retrieval query in the get_bookmarks function, used to ensure that only a certain number of links were returned. In the default configuration, only the Links legacy widget calls the function in such a manner that the user can set the limit argument. However, due to safeguards in legacy widgets, the vulnerability is difficult to exploit.
The two remaining vulnerabilities addressed are medium-severity cross-site scripting (XSS) bugs caused by the use of the ‘the_meta’ function and by plugin deactivation and deletion errors. Successful exploitation of these vulnerabilities could lead to the execution of either scripts injected in post meta keys and values, or JavaScript code in the messages displayed when plugins are deactivated or deleted due to an error.