
WordPress 5.1 CSRF to Remote Code Execution

9 min read 13 Mar 2019 by Simon Scannell
Last month we released an authenticated remote code execution (RCE) vulnerability in WordPress 5.0. This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution on any WordPress installation prior to version 5.1.1 (CVE-2019-9787).

WordPress 5.0.0 Remote Code Execution

14 min read 19 Feb 2019 by Simon Scannell
This blog post details how a combination of a Path Traversal and a Local File Inclusion vulnerability led to Remote Code Execution in the WordPress core (CVE-2019-8943). The vulnerability remained undiscovered in the WordPress core for over 6 years.

Learnings from WordPress Security Month

9 min read 15 Jan 2019 by Simon Scannell
Last year in December we released one vulnerability a day, each affecting WordPress core or one of the most popular WordPress plugins, alongside a critical persistent XSS in wordpress.org. This blog post summarizes the common mistakes developers make, the overall impact our advent calendar had on the WordPress community, and the current state of WordPress security.

Wormable Stored XSS on WordPress.org

10 min read 24 Dec 2018 by Karim El Ouerghemmi
The WordPress.org website holds the repositories for all plugins and themes that are used by all WordPress sites. Furthermore, it manages the accounts that developers use to edit the code of their themes and plugins. In this blog post, we investigate a critical stored XSS vulnerability on the WordPress.org website, which we reported to the WordPress security team in May 2018.

WordPress Privilege Escalation through Post Types

13 min read 17 Dec 2018 by Simon Scannell
A logic flaw in the way WordPress created blog posts allowed attackers to access features only administrators were supposed to have (CVE-2018-20152). This led to a Stored XSS and an Object Injection in the WordPress core, and to more severe vulnerabilities in WordPress’s most popular plugins, Contact Form 7 and Jetpack.