JPCERT-AT-2017-0006
JPCERT/CC
2017-02-06
<<< JPCERT/CC Alert 2017-02-06 >>>
Alert on vulnerability in WordPress
https://www.jpcert.or.jp/english/at/2017/at170006.html
I. Overview
The REST API in WordPress contains a vulnerability. When this
vulnerability is exploited, a remote attacker may compromise the
contents of a WordPress site.
Proof-of-Concept code for this vulnerability has been made public,
and JPCERT/CC tested this code. The test resulted in confirmation that
WordPress contents being compromised. In addition, a number of
domestic websites that use an affected version of WordPress have been
compromised. JPCERT/CC has also been confirming compromised websites
that are exploited by this vulnerability.
In order to protect your website from compromise and other attacks,
it is recommended to review the information in "III. Solution" and
apply any countermeasures as soon as possible.
II. Affected Products
The following products and versions are affected by the vulnerability:
- WordPress 4.7 and 4.7.1
III. Solution
Update WordPress to the latest available version.
- WordPress 4.7.2
As a protection until the update can be applied, consider not using
or restricting the use of the REST API in WordPress to mitigate the
effects of the vulnerability. However, it will be necessary to apply
fixes to change the behavior of WordPress and change settings on the
Web server.
IV. References
WordPress
WordPress 4.7.2 Security Release
https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
Sucuri
Content Injection Vulnerability in WordPress
https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
Internet-technology Promotion Agency (IPA)
About countermeasures for WordPress vulnerability (Japanese)
https://www.ipa.go.jp/security/ciadr/vul/20170206-wordpress.html
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top