- Two vulnerabilities were discovered by the Wordfence Team, one was evaluated with a CVSS3 score of 6.4 and the other as 4.4.
- These two vulnerabilities were both stored cross-site scripting vulnerabilities and were spotted in the All In One SEO Pack.
- The Wordfence team released a custom firewall rule to help users be protected from the vulnerability, with Wordfence Premium, Wordfence Care, and Wordfence Response users getting it a month earlier than Wordfence Free users.
In January, the Wordfence Team spotted two vulnerabilities, one rated with a CVSS3 score of 6.4 which is tracked as CVE-2023-0586, and the other rated a 4.4, tracked as CVE-2023-0585.
These vulnerabilities were found in the All In One SEO Pack which has been downloaded over 3 million times. These vulnerabilities were stored cross-site scripting vulnerabilities, with the first one being accessible to Contributor+ users and higher and the second one requiring Administrator-level privileges.
All in One SEO for WordPress is a WordPress SEO plugin, which helps websites rank higher in search engines, without having an SEO expert on the team.
Wordfence to the rescue
While creating posts and pages, vulnerable versions of this plugin do not protect themselves from submitted site titles, meta descriptions, and other components. This gave individuals who had access to the post editor, like contributors and administrators the ability to place malicious JavaScript into those fields.
To mitigate the Contributor+ Cross-Site Scripting vulnerability, the Wordfence team published a custom firewall rule and made it available to Wordfence Premium, Wordfence Care, and Wordfence Response users with Wordfence Free users getting it 30 days later. This rule will shield all Wordfence users from this vulnerability.