TR-21-0385 (WordPress Eklenti Zaifyeti)

Genel Bilgi

Bazı WordPress eklentilerinde XSS zafiyeti tespit edilmiştir.

Etki

Mevcut güvenlik açıklıkları nedeniyle siber saldırganların saldırı gerçekleştirmeleri ihtimal dahilindedir. CVE kodları şöyledir:

CVE-2021-24258, CVE-2021-24259, CVE-2021-24265, CVE-2021-24266, CVE-2021-24267, CVE-2021-24268, CVE-2021-24269, CVE-2021-24270, CVE-2021-24271, CVE-2021-24272, CVE-2021-24273, CVE-2021-24274, CVE-2021-24275, CVE-2021-24276 ve CVE-2021-24293

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), kullanıcı ve sistem yöneticilerine; WordPress tarafından yayınlanan güvenlik önerilerini incelemelerini ve WordPress versiyonlarını yükseltmelerini tavsiye etmektedir.

Kaynaklar

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24258

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24259

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24265

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24266

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24267

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24268

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24269

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24270

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24271

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24272

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24258

2021-05-06