- The attacker sends an HTTP GET request containing an escaped XSS payload to MediaElement’s flash fallback files.
- The injected payload is reflected by the targeted parameter, resulting in reflected XSS.
In WordPress Core versions 3.7–4.9.1, these files can be accessed directly by unauthenticated attackers.
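As an added example (not part of this advisory or of any vendor signature), the following log-side check flags the request pattern described above: a GET to a MediaElement flash fallback file whose query parameter decodes to markup or script. The fallback path pattern and the file name "fallback.swf" in the sample lines are assumptions, and the log lines are constructed.

```python
"""Flag GET requests to MediaElement flash fallback files whose query string
carries an escaped (URL-encoded) XSS payload. Added example, not part of the
advisory. Assumptions: the fallback files are .swf objects under a path that
contains "mediaelement" (placeholder pattern), logs are in combined format."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Combined log format: client, identity, user, timestamp, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
# Assumed location of the flash fallback; adjust to the deployment's layout.
FALLBACK_RE = re.compile(r'/mediaelement/[^?]*\.swf$', re.IGNORECASE)
# Markup and script fragments that never belong in a player parameter value.
PAYLOAD_RE = re.compile(r'<[a-z!/]|javascript:|\bon[a-z]+\s*=', re.IGNORECASE)


def fully_decode(value, rounds=3):
    """Peel repeated percent-encoding so the payload is matched in plain form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_request(line):
    """Return (client, parameter, decoded value) for a suspicious request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, _ts, method, target, _status = m.groups()
    parts = urlsplit(target)
    if method != 'GET' or not FALLBACK_RE.search(parts.path):
        return None
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        value = fully_decode(raw)  # parse_qsl decoded once; handle extra layers
        if PAYLOAD_RE.search(value):
            return client, name, value
    return None


# Constructed sample log lines (not real traffic); "fallback.swf" is a placeholder name.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2018:10:00:01 +0000] "GET /wp-includes/js/mediaelement/fallback.swf?id=player1 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2018:10:00:02 +0000] "GET /wp-includes/js/mediaelement/fallback.swf?id=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2018:10:00:03 +0000] "GET /wp-includes/js/mediaelement/fallback.swf?id=%253Cscript%253E HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2018:10:00:04 +0000] "GET /wp-login.php?redirect_to=%3Cscript%3E HTTP/1.1" 200 512',
]
```

Only the two requests that both hit the fallback path and decode to markup are flagged; the benign player load and the request to an unrelated path are ignored, and double-encoded values are unwrapped before matching.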
Alert Logic Coverage
Alert Logic® has evaluated its customer base for exposure to the exploit and has developed signatures to mitigate the threat, depending on the security service in place.
The Network-Based Intrusion Detection System (IDS) used by Alert Logic Threat Manager™ has been updated with new signatures for this exploit. When a signature matches, an incident is generated in the Alert Logic console.
Recommendations for Mitigation
Upgrade to a non-vulnerable version to mitigate this vulnerability.