WordPress RSS and Atom Feed Escaping

Jijith Rajan
Published on
26 Jun 2018

RSS stands for “Rich Site Summary” and “Really Simple Syndication”. It is used for automated reading and transmitting news. The RSS field in written in XML. To use RSS, the RSS aggregator is used. The Atom Syndication Format is an XML language used for web feeds. It is a simple HTTP-based protocol for creating and updating web resources. The old versions of WordPress(1.5.0-4.9) are vulnerable to feed escape. It does not properly restrict enclosures in RSS and Atom fields. This in turn allowing attackers to conduct Cross-Site Scripting attacks in which malicious scripts can be injected. This cause leakage of cookies, session tokens, or other sensitive information retained by the client. The attributes of the enclosures are not correctly escaped in RSS and Atom feeds. These feeds are present in the wp-includes/feed.php file. This method might allow an attacker to exploit XSS via a crafted URL.

Impact and Fixes

Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Jijith Rajan
Jijith Rajan
Cyber Security Engineer
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment