Detection of WordPress Content Injection Vulnerability

11/07/2017
by Md. Maruf Hassan, et al.

The popularity of content management software (CMS) is growing rapidly among web developers and business people because it makes distributed website content easy to access, manage and use. As per the statistics of Built with, 32 with WordPress (WP) among all other CMSs [1]. It is obvious that quite a good number of web applications were built with WP versions 4.7.0 and 4.7.1. Recent research reveals that a content injection vulnerability is present in these two versions of WP [2]. Unauthorized content injection by an intruder into a CMS-managed application is a serious problem for the business as well as for the website owner. Detection of the vulnerability has therefore become a critical issue. In this paper, we discuss the root cause of WP content injection in the above versions and propose a detection model for the vulnerability. A tool, SAISAN, has been implemented according to our proposed model, and we used it to examine 176 web applications developed with WP. We achieved the accuracy of 92 outcome.
