WordPress 4.7.2: Hidden Exploit Fix

The recently released WordPress 4.7.2 included an additional security fix that was not disclosed in the changelog at release. The issue? A privilege escalation / content injection bug in the REST API that could allow anyone to edit any post.

How?

Part of the REST API did not properly check for a valid post. If the supplied value was not a valid post ID but still contained a valid ID within a string, such as “134A”, it would be converted to an integer (the A gets stripped away, leaving just “134”), which gives any user access to update the post via shortcodes (and possibly other routes).
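The validation gap described above, as an added example that is not WordPress's own code: a simplified model in which the permission check and the later integer cast disagree about what “134A” refers to, next to a check that fails closed. The function names, the `$posts` array and the user IDs are hypothetical and constructed for illustration.

```php
<?php
// Constructed sample data: post 134 belongs to user 1.
$posts = [134 => ['author' => 1, 'content' => 'original']];

// Hypothetical lookup that only matches canonical, purely numeric IDs.
function find_post(array $posts, string $rawId): ?array {
    if (!preg_match('/\A[0-9]+\z/', $rawId)) {
        return null;
    }
    return $posts[(int) $rawId] ?? null;
}

// Flawed pattern: ownership is only enforced when the lookup succeeds.
function can_update_flawed(array $posts, string $rawId, int $user): bool {
    $post = find_post($posts, $rawId);
    if ($post !== null && $post['author'] !== $user) {
        return false;
    }
    // "134A" finds no post, so the ownership check above never runs,
    // yet a later (int) cast of the same value resolves to post 134.
    return true;
}

// Hardened pattern: reject non-canonical IDs and deny when no post is found.
function can_update_strict(array $posts, string $rawId, int $user): bool {
    if (!preg_match('/\A[0-9]+\z/', $rawId)) {
        return false;
    }
    $post = $posts[(int) $rawId] ?? null;
    return $post !== null && $post['author'] === $user;
}

// User 2 does not own post 134; compare how each check treats both inputs.
foreach (['134', '134A'] as $rawId) {
    printf(
        "id=%-5s cast=%d flawed=%s strict=%s\n",
        $rawId,
        (int) $rawId,
        var_export(can_update_flawed($posts, $rawId, 2), true),
        var_export(can_update_strict($posts, $rawId, 2), true)
    );
}
```

The general rule the strict version applies is to validate the identifier once, in its canonical form, and to use that same validated value for both the authorization decision and the update.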

This issue was fixed in 4.7.2, so make sure your WordPress install is updated!

Disclosure of Additional Security Fix in WordPress 4.7.2
