Home Latest Cyber Security News | Network Security Hacking Six-Year-Old Blind SSRF Vulnerability Risks WordPress Sites To DDoS Attacks
Latest Cyber Security News | Network Security HackingNewsVulnerabilities

Six-Year-Old Blind SSRF Vulnerability Risks WordPress Sites To DDoS Attacks

by Abeerah Hashim
written by Abeerah Hashim
AIOS WordPress plugin flaw allowed password logging in plaintext

Researchers discovered a severe blind SSRF vulnerability in WordPress that could allow DDoS attacks. Notably, the vulnerability existed in the WordPress platform for at least six years.

WordPress Blind SSRF Vulnerability

According to a recent post from Sonar, a serious blind server-side request forgery (SSRF) vulnerability affected the pingback implementation in WordPress. Exploiting the vulnerability allows an adversary to take down a target website via DDoS attacks.

Explaining the vulnerability of the Pingback feature, the researchers stated that its continuous exposure to attackers remains a significant attack vector to bring down websites. Describing further, the researchers mentioned in their post,

The pingback functionality is exposed on the XML-RPC API of WordPress. As a reminder, this is an API endpoint expecting XML documents in which the client can choose a function to invoke along with arguments.

An adversary can access the pingback functionality via the xmlrpc.php file, triggering the other blogs to announce pingbacks. Consequently, exploiting such pingbacks from multiple blogs enables the attacker to perform distributed denial of service (DDoS) attacks.

The technical details about the issue are available in Sonar’s post.

No Patch Available Yet

The vulnerability first caught a researcher’s attention back in 2017, followed by many others in the following years. However, unfortunately, the flaw never received an official patch.

Even now, team Sonar has confirmed that the vulnerability remains unpatched until disclosure (and until the time of writing this story). While that’s risky to disclose such bugs, the researchers clarified that they had to disclose the vulnerability publicly given the years-old existence of the issue. Nonetheless, they confirmed the vulnerability as a “low impact” one, requiring chaining other vulnerabilities. Hence, disclosing it won’t endanger WordPress security.

While although no fix is yet available for the flaw, the researchers have proposed the following workaround for WordPress site admins.

As a temporary workaround, we recommend system administrators remove the handler pingback.ping of the XMLRPC endpoint.

Researchers recommend blocking access to xmlrpc.php at the web server level.

Users can implement these workarounds to protect their sites until an official patch arrives.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses