Are you trying to protect your WordPress site from the Genericons XSS vulnerability?
This guide is for you.
The Genericons XSS vulnerability in WordPress websites can leave your site open to cross-site scripting (XSS) attacks.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform WordPress related queries.
In this context, we shall look into how to protect a WordPress website from this vulnerability.
More information about the Genericons XSS Vulnerability?
Genericons is a font package, and the vulnerability lies in that package rather than in WordPress core. The package ships with the "TwentyFifteen" theme, which is installed and enabled by default in WordPress.
The same vulnerability also affected "Jetpack", one of the most popular plugins.
Specifically, the vulnerable code is a single file, example.html, that is included in the Genericons package only to showcase the font.
So any theme or plugin that used newer versions of the "Genericons" package without removing this file was vulnerable.
How to prevent Genericons XSS Vulnerability issues?
1. If you have installed a fresh copy of WordPress or updated it recently, you should be protected.
2. But if your WordPress version is lower than 4.2.2, your website might be vulnerable. In that case, update WordPress to a newer version.
You can also go to the server's document root and search for the example.html file.
To do so, run the following from within the server's document root:
$ find . -path "*/genericons/example.html"
For instance, the output may look like this:
./wp-content/themes/twentythirteen/genericons/example.html
./wp-content/themes/twentyfifteen/genericons/example.html
./wp-content/themes/twentyfourteen/genericons/example.html
This confirms that example.html files are present in the bundled default themes (here TwentyThirteen, TwentyFourteen and TwentyFifteen), which indicates that the website is vulnerable. So you need to remove these files.
You can remove them directly by running,
$ sudo find . -path "*/genericons/example.html" -exec rm -f {} \;
Then, check that the files are gone by running,
$ find . -path "*/genericons/example.html"
Now no example.html files should be listed.
3. Also consider upgrading your themes and plugins, since they may bundle their own copy of the Genericons package.
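As an added example that is not part of the original article, the version check, the search and the cleanup above are collected into one POSIX shell script. The function names are the example's own, and the sample document root built by make_sample_docroot() is constructed (three default themes, each with an example.html and a font file) so the script can be run offline before pointing it at a real site.

```shell
#!/bin/sh
# Added example, not part of the original article: scan a WordPress document
# root for the Genericons showcase file example.html, report every copy, and
# remove it. The function names are the example's own, and the sample tree
# built by make_sample_docroot() is constructed so the script runs offline.

# List every genericons/example.html below the given document root.
find_genericons_examples() {
    find "$1" -path '*/genericons/example.html' -type f
}

# Count the copies found (tr strips the padding some wc builds print).
count_genericons_examples() {
    find_genericons_examples "$1" | wc -l | tr -d ' '
}

# True (exit 0) when no copy remains.
docroot_is_clean() {
    [ "$(count_genericons_examples "$1")" -eq 0 ]
}

# Delete every copy; the font files beside it are left untouched.
remove_genericons_examples() {
    find "$1" -path '*/genericons/example.html' -type f -exec rm -f {} \;
}

# True (exit 0) when the given WordPress version is below 4.2.2, the release
# the article names as the cut-off. Missing components (e.g. "4.2") count as
# zero, so "4.2" is treated as older than "4.2.2".
wp_version_vulnerable() {
    printf '%s\n' "$1" | awk -F. '{
        major = $1 + 0; minor = $2 + 0; patch = $3 + 0
        if (major < 4 || (major == 4 && (minor < 2 || (minor == 2 && patch < 2))))
            exit 0
        exit 1
    }'
}

# Build a constructed document root with the three default themes from the
# article's sample output, each carrying example.html plus a font file.
make_sample_docroot() {
    root=$(mktemp -d)
    for theme in twentythirteen twentyfourteen twentyfifteen; do
        dir="$root/wp-content/themes/$theme/genericons"
        mkdir -p "$dir"
        printf '<html>font showcase (constructed)</html>\n' > "$dir/example.html"
        printf 'constructed font data\n' > "$dir/Genericons.svg"
    done
    echo "$root"
}

# Usage: sh genericons-check.sh /path/to/docroot [--remove]
if [ "$#" -gt 0 ]; then
    docroot=$1
    echo "Copies of genericons/example.html under $docroot:"
    find_genericons_examples "$docroot"
    if [ "$2" = "--remove" ]; then
        remove_genericons_examples "$docroot"
        if docroot_is_clean "$docroot"; then
            echo "Removed; no copies remain."
        else
            echo "Some copies could not be removed." >&2
            exit 1
        fi
    fi
fi
```

Run it once without --remove to see what would be deleted, then with --remove to clean up; the -type f filter keeps the search to regular files, and the version check is written in awk so it works without GNU sort -V.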