WordPress is the most popular Content Management System (CMS) out there, an open source CMS based on PHP and MySQL. It is very popular due to its flexibility and ease of use, and it has numerous themes and plugins, both free and premium. But as we enjoy this great CMS, we should also be wary of the threats our websites could encounter through attacks of various types.
Recently, it has been reported that current versions of WordPress are vulnerable to a stored XSS. Cross-site scripting, or XSS, is a type of attack in which malicious scripts are injected into web pages. This security vulnerability typically accounts for 87% of all security vulnerabilities, and the malicious content can be delivered in a number of ways.
In reflected cross-site scripting (XSS), the attacker can trick you into clicking a malicious link. The attacker injects browser-executable code within a single HTTP response, which means that the injected attack is not stored within the application itself. Reflected XSS is also sometimes referred to as non-persistent XSS.
In stored cross-site scripting (XSS), malicious content is stored permanently on the target servers, such as in a database, comment field, message forum, etc. The malicious script is then retrieved when the stored information is requested from the server. Stored XSS is also referred to as persistent XSS.
How to test if a site is vulnerable to XSS?
Testing a website for XSS vulnerability is quite easy. We can test it by modifying an existing parameter that is sent in the HTTP GET request. For example, first use the following URL in the browser to print a welcome page for a person named John:
This URL is modified to add an extra parameter as shown below:
http://domain.com/index.html?name=<script>alert('You just found an XSS vulnerability')</script>
If the name parameter is not validated and the page comes back showing 'You just found an XSS vulnerability', then the site is vulnerable to XSS. There are various methods to test for XSS vulnerability, and this is only one of the few known methods.
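The difference between a welcome page that reflects the name parameter as-is and one that encodes it on output, shown as an added example that is not part of the original article. The function names and sample URLs are constructed for illustration; the probe string is the one used in the test above.

```javascript
// Added example. All function names here are hypothetical, not from WordPress.

// HTML-encode the characters that let text break out of element or attribute context.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Extract the percent-decoded "name" query parameter from a full URL.
function nameFromUrl(url) {
  return new URL(url).searchParams.get('name') ?? '';
}

// Vulnerable: the parameter is concatenated into the response without validation,
// so markup in the parameter becomes markup in the page (reflected XSS).
function renderWelcomeVulnerable(url) {
  return '<h1>Welcome ' + nameFromUrl(url) + '</h1>';
}

// Hardened: the parameter is encoded on output, so the browser shows it as text.
function renderWelcomeSafe(url) {
  return '<h1>Welcome ' + escapeHtml(nameFromUrl(url)) + '</h1>';
}

// Check to run against your own pages: is the probe present in the response
// exactly as it was sent, i.e. without any output encoding?
function reflectsUnescaped(html, probe) {
  return html.includes(probe);
}

// Constructed sample input (domain.com is the placeholder host used in the article).
const probe = "<script>alert('You just found an XSS vulnerability')</script>";
const benignUrl = 'http://domain.com/index.html?name=John';
const probeUrl = 'http://domain.com/index.html?name=' + encodeURIComponent(probe);

console.log(renderWelcomeVulnerable(benignUrl));
console.log('vulnerable page reflects probe:',
  reflectsUnescaped(renderWelcomeVulnerable(probeUrl), probe));
console.log('hardened page reflects probe:',
  reflectsUnescaped(renderWelcomeSafe(probeUrl), probe));
console.log(renderWelcomeSafe(probeUrl));
```

In WordPress themes and plugins, the equivalent of escapeHtml is the built-in esc_html() function, applied at the point where the value is printed.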
It is therefore advisable to upgrade your WordPress installation to the latest version. You can download the latest version here.