Detection of Wordpress Content Injection Vulnerability
Md. Maruf Hassan, Kaushik Sarker, Saikat Biswas, Md. Hasan Sharif

TL;DR
This paper analyzes the content injection vulnerability in WordPress versions 4.7.0 and 4.7.1, proposing a detection model and a tool that achieves high accuracy in identifying vulnerable applications.
Contribution
It introduces a novel detection model and implements SAISAN, a tool for identifying WordPress content injection vulnerabilities with 92% accuracy.
Findings
SAISAN achieved 92% accuracy compared to manual testing.
The root cause of the vulnerability was analyzed.
The detection model effectively identifies vulnerable WordPress sites.
Abstract
The popularity of content management software (CMS) is growing vastly among web developers and business people because of its capacity for easy accessibility, manageability and usability of distributed website contents. As per the statistics of BuiltWith, 32% of the web applications are developed with WordPress (WP) among all other CMSs [1]. It is obvious that quite a good number of web applications were built with WP in versions 4.7.0 and 4.7.1. Recent research reveals that a content injection vulnerability was found in the above two versions of WP [2]. Unauthorized content injection by an intruder in a CMS-managed application is one of the serious problems for the business as well as for the web owner. Therefore, detection of the vulnerability has become a critical issue at this time. In this paper, we have discussed the root cause of WP content injection of the…
