Vulnerability in WordPress Content Management System Could Allow Remote Code Execution
MS-ISAC ADVISORY NUMBER:2015-049
A vulnerability has been discovered in WordPress content management system (CMS), which could allow an attacker to take control of the affected system. WordPress is an open source content management system for websites.
Successful exploitation of this vulnerability could result in an attacker resetting the administrator password or gaining complete control of the WordPress blog. Depending on the privileges gained, an attacker could install extensions; view, change, or delete data; or create new accounts with full user rights.
This vulnerability can be exploited using a web browser.
- WordPress versions prior to 4.2.1
- Large and medium government entities: HIGH
- Small government entities: HIGH
- Large and medium business entities: HIGH
- Small business entities: HIGH
A vulnerability has been identified in WordPress CMS that could allow an attacker to inject malicious code by making a comment on a blog or article post hosted on a vulnerable version of WordPress. If the comment is viewed by a user with administrator privileges, arbitrary code could be executed with the same administrator privileges.
Successful exploitation of this vulnerability could allow the attacker to bypass certain security restrictions, gain unauthorized access, run malicious HTML and script codes, or steal cookie-based authentication credentials.
WordPress has released WordPress 4.2.1, which corrects this issue.
We recommend the following actions be taken:
Update WordPress CMS to the latest version after appropriate testing.
Run all software as a non-privileged user to diminish effects of a successful attack.
Review and follow WordPress hardening guidelines - http://codex.wordpress.org/Hardening_WordPress