HTTP: WordPress Core Post Slug Stored Cross-Site Scripting

This signature detects attempts to exploit a known stored cross-site scripting vulnerability in the WordPress core post slug. The vulnerability is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (such as authors) in WordPress core are able to execute JavaScript, that is, perform a stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security releases going back to 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.

Affected Products

Wordpress wordpress

Short Name
HTTP:XSS:WP-CORE-POST-SLUG
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-21662 CVE-2024-4439 Core Cross-Site Post Scripting Slug Stored WordPress
Release Date
01/31/2022
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3709
False Positive
Unknown
Vendors

Wordpress

Debian

CVSS Score

3.5
