EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Behind the Code: Identifying Zero-Day Exploits in WordPress

Mohamed Azarudheen Mohamed Mohideen, Muhammad Shahroz Nadeem, James Hardy, Haider Ali, Umair Ullah Tariq (), Fariza Sabrina, Muhammad Waqar and Salman Ahmed
Additional contact information
Mohamed Azarudheen Mohamed Mohideen: School of Computing, University of Derby, Derby DE22 3AW, UK
Muhammad Shahroz Nadeem: School of Technology, Business and Arts, University of Suffolk, Ipswich IP4 1QJ, UK
James Hardy: School of Computing, University of Derby, Derby DE22 3AW, UK
Haider Ali: School of Computing, University of Derby, Derby DE22 3AW, UK
Umair Ullah Tariq: School of Engineering and Technology, Central Queensland University, Rockhampton, QLD 4701, Australia
Fariza Sabrina: School of Engineering and Technology, Central Queensland University, Rockhampton, QLD 4701, Australia
Muhammad Waqar: School of Technology, Business and Arts, University of Suffolk, Ipswich IP4 1QJ, UK
Salman Ahmed: School of Technology, Business and Arts, University of Suffolk, Ipswich IP4 1QJ, UK

Future Internet, 2024, vol. 16, issue 7, 1-22

Abstract: The rising awareness of cybersecurity among governments and the public underscores the importance of effectively managing security incidents, especially zero-day attacks that exploit previously unknown software vulnerabilities. These zero-day attacks are particularly challenging because they exploit flaws that neither the public nor developers are aware of. In our study, we focused on dynamic application security testing (DAST) to investigate cross-site scripting (XSS) attacks. We closely examined 23 popular WordPress plugins, especially those requiring user or admin interactions, as these are frequent targets for XSS attacks. Our testing uncovered previously unknown zero-day vulnerabilities in three of these plugins. Through controlled environment testing, we accurately identified and thoroughly analyzed these XSS vulnerabilities, revealing their mechanisms, potential impacts, and the conditions under which they could be exploited. One of the most concerning findings was the potential for admin-side attacks, which could lead to multi-site insider threats. Specifically, we found vulnerabilities that allow for the insertion of malicious scripts, creating backdoors that unauthorized users can exploit. We demonstrated the severity of these vulnerabilities by employing a keylogger-based attack vector capable of silently capturing and extracting user data from the compromised plugins. Additionally, we tested a zero-click download strategy, allowing malware to be delivered without any user interaction, further highlighting the risks posed by these vulnerabilities. The National Institute of Standards and Technology (NIST) recognized these vulnerabilities and assigned them CVE numbers: CVE-2023-5119 for the Forminator plugin, CVE-2023-5228 for user registration and contact form issues, and CVE-2023-5955 for another critical plugin flaw. Our study emphasizes the critical importance of proactive security measures, such as rigorous input validation, regular security testing, and timely updates, to mitigate the risks posed by zero-day vulnerabilities. It also highlights the need for developers and administrators to stay vigilant and adopt strong security practices to defend against evolving threats.

Keywords: zero-day vulnerabilities; cross-site scripting; WordPress plugins; DAST; keylogger; NIST; CVE; OWASP (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2024
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/1999-5903/16/7/256/pdf (application/pdf)
https://www.mdpi.com/1999-5903/16/7/256/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:16:y:2024:i:7:p:256-:d:1438410

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:gam:jftint:v:16:y:2024:i:7:p:256-:d:1438410