INCIBE reports a 0day vulnerability in WordPress that allows a remote attacker to reset a user's password and thereby obtain administrator access to the entire website.
A few days ago a 0day vulnerability was detected that affects all versions of the WordPress content manager up to version 4.7.4. Every version of the content manager is affected, and the WordPress team has apparently already fixed it. The vulnerability consists of a remote attack that resets a user's password, changes it, and so grants access to the content management.
Those who have not yet updated the WordPress version on their site should do so as soon as possible. For this specific case, INCIBE (the National Institute of Cybersecurity) recommends making a backup copy of the website before performing the update, to avoid problems while installing it. It also recommends verifying the backup, so that the site can be recovered if any error occurs. WordPress offers a system of alerts and notifications about available updates, which lets us stay up to date.
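The backup advice above only pays off if the copy can actually be restored. The following added example (not INCIBE's or WordPress's code) archives a WordPress directory, records a SHA-256 digest, and then proves the archive is usable by restoring it into scratch space and comparing it file by file with the original; the tiny site tree it builds is constructed so the script runs offline, and on a real installation you would pass the real document root (the database dump is a separate step not covered here).

```python
"""Back up a WordPress directory and verify the backup by a test restore.
Added example, not code from INCIBE or the WordPress project."""
import filecmp
import hashlib
import tarfile
import tempfile
from pathlib import Path


def make_sample_site(root: Path) -> Path:
    """Construct a tiny stand-in for a WordPress tree (sample data only)."""
    (root / "wp-content" / "uploads").mkdir(parents=True)
    (root / "wp-config.php").write_text('<?php define("DB_NAME", "wp");\n')
    (root / "wp-content" / "uploads" / "a.txt").write_text("sample upload\n")
    return root


def sha256_of(path: Path) -> str:
    """Stream the file through SHA-256 so large archives do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def digest_file(archive: Path) -> Path:
    """Sidecar file that stores the archive digest (e.g. site.tar.gz.sha256)."""
    return Path(str(archive) + ".sha256")


def create_backup(site: Path, archive: Path) -> str:
    """Write a gzip tarball of `site` plus its digest; return the digest."""
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(site, arcname=site.name)
    digest = sha256_of(archive)
    digest_file(archive).write_text(f"{digest}  {archive.name}\n")
    return digest


def trees_identical(a: Path, b: Path) -> bool:
    """Recursive comparison: same names everywhere and same file contents."""
    cmp = filecmp.dircmp(a, b)
    if cmp.left_only or cmp.right_only or cmp.diff_files or cmp.funny_files:
        return False
    return all(trees_identical(a / d, b / d) for d in cmp.common_dirs)


def verify_backup(site: Path, archive: Path) -> bool:
    """Check the stored digest, then restore into a temp dir and diff against the live tree."""
    expected = digest_file(archive).read_text().split()[0]
    if sha256_of(archive) != expected:
        return False  # archive corrupted or tampered with since it was written
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(archive, "r:gz") as tar:
            # The 'data' filter (Python 3.12+, backported to some older releases)
            # refuses members that would escape the target directory.
            kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
            tar.extractall(scratch, **kwargs)
        return trees_identical(site, Path(scratch) / site.name)


def demo() -> bool:
    """Back up the sample site, verify it, then show a damaged archive is rejected."""
    with tempfile.TemporaryDirectory() as tmp:
        site = make_sample_site(Path(tmp) / "site")
        archive = Path(tmp) / "site.tar.gz"
        create_backup(site, archive)
        ok = verify_backup(site, archive)
        archive.write_bytes(archive.read_bytes()[:-1])  # simulate corruption
        tampered = verify_backup(site, archive)
        return ok and not tampered


if __name__ == "__main__":
    print("backup verified and corruption detected:", demo())
```

The restore goes into a temporary directory, never over the live site, so the verification step cannot itself damage the installation it is meant to protect.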
The vulnerability lies in the fact that a remote attacker can reset the password of any user of the site, including the administrator of the content management, so that the attacker gains full access to the administration panel and can create or modify content at will. The flaw arises because a remote attacker is able to manipulate the e-mail that the content manager sends to reset a user's password. All the details of this vulnerability can be read at the following link.
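Since the attack works through the password-reset flow, a defender's first signal is a burst of reset submissions against the site. The following added example (not from INCIBE, WordPress or the advisory) runs that detection over constructed web-server log lines: it assumes the combined access-log layout and the standard WordPress reset form at wp-login.php?action=lostpassword, and flags any source IP whose reset submissions reach a threshold inside a sliding time window.

```python
"""Flag source IPs that submit the WordPress password-reset form in bursts.
Added example; the log format, endpoint and sample lines are assumptions."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/nginx "combined" access-log layout (assumed).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
RESET_PATH = "/wp-login.php"
RESET_ACTION = "action=lostpassword"

# Constructed sample log: one client hammers the reset form, one uses it once.
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2017:10:00:01 +0000] "GET /wp-login.php?action=lostpassword HTTP/1.1" 200 2381 "-" "curl/7.52.1"
203.0.113.7 - - [12/May/2017:10:00:02 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "curl/7.52.1"
203.0.113.7 - - [12/May/2017:10:00:05 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "curl/7.52.1"
203.0.113.7 - - [12/May/2017:10:00:09 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "curl/7.52.1"
203.0.113.7 - - [12/May/2017:10:00:14 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "curl/7.52.1"
203.0.113.7 - - [12/May/2017:10:00:20 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "curl/7.52.1"
203.0.113.7 - - [12/May/2017:10:00:27 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "curl/7.52.1"
198.51.100.4 - - [12/May/2017:10:02:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.4 - - [12/May/2017:10:03:10 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 - "-" "Mozilla/5.0"
"""


def parse_line(line: str):
    """Return the fields of one combined-format line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    fields = m.groupdict()
    fields["ts"] = datetime.strptime(fields["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return fields


def is_reset_submission(fields) -> bool:
    """A POST to the lost-password form counts as one reset attempt."""
    path, _, query = fields["path"].partition("?")
    return (fields["method"] == "POST" and path == RESET_PATH
            and RESET_ACTION in query.split("&"))


def max_in_window(times, window: timedelta) -> int:
    """Largest number of events inside any interval of length `window` (two-pointer sweep)."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def flag_reset_bursts(lines, threshold: int = 5, window: timedelta = timedelta(minutes=5)) -> dict:
    """Map each IP whose reset submissions reach `threshold` within `window` to its peak count."""
    per_ip = defaultdict(list)
    for line in lines:
        fields = parse_line(line)
        if fields and is_reset_submission(fields):
            per_ip[fields["ip"]].append(fields["ts"])
    flagged = {}
    for ip, stamps in per_ip.items():
        peak = max_in_window(stamps, window)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged


if __name__ == "__main__":
    for ip, n in flag_reset_bursts(SAMPLE_LOG.strip().splitlines()).items():
        print(f"{ip}: {n} reset submissions within 5 minutes")
```

Only POST requests are counted, so merely viewing the form does not raise the score; the threshold and window are starting points to tune against the site's normal reset volume, and a flagged IP is a cue to inspect the reset e-mails that were sent and to confirm the installation is already updated.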
INCIBE has published a guide, in checklist form, that helps us manage security efficiently and intelligently and so avoid problems in the future.