Bazı WordPress eklentilerinde XSS, SQL Injection ve SSRF zafiyeti tespit edilmiştir.
Mevcut güvenlik açıklıkları nedeniyle siber saldırganların saldırı gerçekleştirmeleri ihtimal dahilindedir. CVE kodları şu şekildedir:
CVE-2021-24202, CVE-2021-24150, CVE-2021-24168, CVE-2021-24169, CVE-2021-24173, CVE-2021-24180, CVE-2021-24181, CVE-2021-24196, CVE-2021-24201, CVE-2021-24205, CVE-2021-24206, CVE-2021-24207, CVE-2021-24208, CVE-2021-24209, CVE-2021-24210, CVE-2021-24211 ve CVE-2021-24212
Ulusal Siber Olaylara Müdahale Merkezi (USOM), kullanıcı ve sistem yöneticilerine; WordPress tarafından yayınlanan güvenlik önerilerini incelemelerini ve WordPress versiyonlarını yükseltmelerini tavsiye etmektedir.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24150
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24168
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24169
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24173
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24180
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24181
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24196
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24201
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24202
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24205
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24202
2021-04-06