WordPress Content Management System Vulnerability

ITS Advisory Number: 2015-014
Date(s) Issued: Friday, February 13, 2015
Subject: WordPress Content Management System Vulnerability
Overview: 

A vulnerability has been discovered in the WordPress Content Management System (CMS) that could allow an attacker to take control of an affected system. WordPress is an open source CMS for websites.

Successful exploitation could allow an attacker to reset the administrator password and gain complete control of the WordPress site. With administrator privileges, an attacker could install extensions (plugins and themes); view, change, or delete data; or create new accounts with full user rights.

Systems Affected: 

All versions of WordPress 

RISK
Government:
  Large and medium government entities: High
  Small government entities: High
Business:
  Large and medium business entities: High
  Small business entities: High
Home Users: High
Description: 

A vulnerability has been identified in the WordPress CMS that could allow an attacker to take control of the site. Because of a deficiency in the CSPRNG (Cryptographically Secure Pseudo Random Number Generator) used to generate password reset tokens, the tokens are not unpredictable: an attacker who can model or observe the generator's output can predict the reset token issued for an administrator account, use it to reset the administrator password, and then access sensitive information; deface the site; install extensions; view, change, or delete data; or create new accounts with full user rights.
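The following added example illustrates the class of weakness the advisory describes; it is not WordPress code and does not reproduce the specific generator referred to above. It assumes a token alphabet, a token length of 20, and a server that seeds an ordinary (non-cryptographic) PRNG once from a low-entropy value such as a timestamp. An attacker who requests a reset for their own account, receives a token, and then triggers a reset for the administrator can brute-force the seed by replaying the PRNG until it reproduces the token they hold; the next token in that stream is the administrator's. The hardened service beside it draws tokens from the OS CSPRNG, stores only a hash of each token, and compares in constant time.

```python
"""Predictable password-reset tokens: weak PRNG beside a CSPRNG.

Added illustration only. Names, alphabet, token length and the seed value
are assumptions constructed for the example, not values from any product.
"""
import hashlib
import hmac
import random
import secrets
from typing import Iterable, Optional

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"
TOKEN_LEN = 20                   # assumed token length
SEED_BASE = 1423785600           # constructed: 2015-02-13 00:00:00 UTC
HIDDEN_SEED = SEED_BASE + 1234   # server's seed; attacker only knows the hour


class WeakResetService:
    """Issues tokens from a Mersenne Twister seeded with a guessable value."""

    def __init__(self, seed: int) -> None:
        self._rng = random.Random(seed)

    def issue_token(self) -> str:
        # Every reset consumes the next TOKEN_LEN draws from one shared stream.
        return "".join(self._rng.choice(ALPHABET) for _ in range(TOKEN_LEN))


class StrongResetService:
    """Issues tokens from the OS CSPRNG and stores only their SHA-256 hashes."""

    def __init__(self) -> None:
        self._hashes = {}

    def issue_token(self, user: str) -> str:
        token = "".join(secrets.choice(ALPHABET) for _ in range(TOKEN_LEN))
        self._hashes[user] = hashlib.sha256(token.encode()).hexdigest()
        return token

    def verify(self, user: str, presented: str) -> bool:
        stored = self._hashes.get(user)
        if stored is None:
            return False
        digest = hashlib.sha256(presented.encode()).hexdigest()
        return hmac.compare_digest(stored, digest)   # constant-time compare


def predict_next_token(observed: str, seed_candidates: Iterable[int]) -> Optional[str]:
    """Attacker side: replay each candidate seed. When a replay reproduces the
    token the attacker received, the following token in that stream is the
    one the server handed to the next reset request (the administrator's)."""
    for seed in seed_candidates:
        replay = WeakResetService(seed)
        if replay.issue_token() == observed:
            return replay.issue_token()
    return None


def demo() -> dict:
    """Run the attack against both services and report what happened."""
    window = range(SEED_BASE, SEED_BASE + 3600)   # attacker knows the hour

    weak = WeakResetService(HIDDEN_SEED)
    attacker_token = weak.issue_token()           # reset for attacker's account
    admin_token = weak.issue_token()              # reset for 'admin' right after
    weak_prediction = predict_next_token(attacker_token, window)

    strong = StrongResetService()
    strong_attacker_token = strong.issue_token("attacker")
    strong_admin_token = strong.issue_token("admin")
    strong_prediction = predict_next_token(strong_attacker_token, window)

    return {
        "weak_predicted_admin_token": weak_prediction == admin_token,
        "strong_prediction": strong_prediction,
        "strong_verify_ok": strong.verify("admin", strong_admin_token),
        "strong_verify_wrong_user": strong.verify("admin", strong_attacker_token),
        "strong_verify_unknown_user": strong.verify("nobody", strong_admin_token),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The seed search is tiny (3600 candidates) because the weakness is in the entropy of the seed, not the length of the token; a 20-character token from a guessable stream is no better than a 4-digit one. The hardened service fixes the generator, which is the actual remediation, and additionally hashes the stored token so that a database read alone does not yield usable reset tokens.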

Actions: 

We recommend the following actions be taken:

  • Update vulnerable systems running WordPress immediately after appropriate testing.
  • Review and follow the WordPress hardening guidelines: http://codex.wordpress.org/Hardening_WordPress
  • Confirm that the operating system and all other applications on the system running this CMS are updated with the most recent patches.
  • Review administrator accounts and recent password resets for activity you did not initiate, since a successful attack leaves an administrator password changed.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.