TrendMicro Reveals Two New WordPress Remote Code Execution Vulnerabilities

• A new report by TrendMicro revealed two vulnerabilities in WordPress affecting versions prior to 5.0.1 and 4.9.9.
• Both vulnerabilities have been reported to WordPress, but they have not been fully patched yet.
• Users are requested to update to the latest version of the platform to avoid security risks.

WordPress is one of the most popular content management systems and powers a third of all websites on the internet. With millions of users using the platform, it has become a major target for cybercriminals. One of the biggest sources of cyber attacks on the platform is the use of outdated plugins or an outdated version of WordPress itself.

According to a report by TrendMicro, there are two critical vulnerabilities in WordPress. If exploited, attackers could execute PHP code and gain complete system control. The two vulnerabilities affect WordPress versions 5 (prior to 5.0.1) and 4 (prior to 4.9.9). The security researchers have already informed WordPress about the issue.

Both the reported WordPress vulnerabilities are related and patching CVE-2019-8942 makes CVE-2019-8943 non-exploitable. According to TrendMicro “the former plays an essential part in successfully exploiting the latter. That’s because the meta_key in _wp_attached_file first needs to be updated or modified to a path traversal file name before it can execute an embedded PHP code.”

Image Courtesy of TrendMicro

It is important for WordPress users to keep their plugins and the platform itself updated. Old exploits are constantly discovered in older versions of the platform and patches take time to be deployed. There may be more vulnerabilities in the content management system’s older version that have not been discovered yet. TrendMicro recommends outdated plugins that are no longer in development in favor of newer plugins.

Recently an AJAX-related flaw was discovered in the WP Cost Estimation & Payments Forms Builder plugin that was exploited by hackers. With over 11,000 downloads listed on the official website as well as many third-party illegal downloads, the scale of the attack is unknown.

What do you think about the two vulnerabilities discovered in WordPress? Let us know in the comments below. Feel free to share your thoughts with our online community on Facebook and Twitter.