Debian Security Advisory
DLA-2269-1 wordpress -- LTS security update
- Date Reported:
- 01 Jul 2020
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 962685.
In Mitre's CVE dictionary: CVE-2020-4046, CVE-2020-4047, CVE-2020-4048, CVE-2020-4049, CVE-2020-4050.
- More information:
Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) attacks, create open redirects, escalate privileges, and bypass authorization access.
In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin.
In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked.
In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users.
For Debian 8
Jessie, these problems have been fixed in version 4.1.31+dfsg-0+deb8u1.
We recommend that you upgrade your wordpress packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS