CIS CYBERSECURITY ADVISORIES
MS-ISAC ADVISORY NUMBER:
WordPress Content Management System Vulnerability
A vulnerability has been discovered in WordPress CMS, which could allow an attacker to take control of the affected system. WordPress is an open source content management system (CMS) for websites.
Successful exploitation of the vulnerability could result in an attacker resetting the administrator password and gaining complete control of the WordPress blog. Depending on the privileges gained, an attacker could install extensions; view, change, or delete data; or create new accounts with full user rights.
At this time, CIS has not observed this attack being used in the wild.
- All versions of WordPress
- Large and medium government entities: High
- Small government entities:High
- Large and medium business entities: High
- Small business entities: High
Home users: High
A vulnerability has been identified in WordPress CMS that could allow for an attacker to take control of the blog. Due to a security weakness because of a deficiency of CSPRNG (Cryptographically Secure Pseudo Random Number Generator), an attacker can predict the password reset token of an administrator to reset the administrator password and access sensitive information; deface the site; install extensions; view, change, or delete data; or create new accounts with full user rights.
We recommend the following actions be taken:
- Update vulnerable systems running WordPress immediately after appropriate testing.
- Review and follow WordPress hardening guidelines - http://codex.wordpress.org/Hardening_WordPress
- Confirm that the operating system and all other applications on the system running this CMS are updated with the most recent patches.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.