[SECURITY] [DLA 2269-1] wordpress security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : wordpress
Version        : 4.1.31+dfsg-0+deb8u1
CVE ID         : CVE-2020-4046 CVE-2020-4047 CVE-2020-4048
                 CVE-2020-4049 CVE-2020-4050
Debian Bug     : 962685


Several vulnerabilities were discovered in WordPress, a web
blogging tool. They allowed remote attackers, in several cases
authenticated users with low privileges, to perform various
Cross-Site Scripting (XSS) attacks, create open redirects,
escalate privileges, and bypass authorization checks.

CVE-2020-4046

    In affected versions of WordPress, users with low
    privileges (like contributors and authors) can use the
    embed block in a certain way to inject unfiltered HTML
    in the block editor. When affected posts are viewed by a
    higher privileged user, this could lead to script
    execution in the editor/wp-admin.

CVE-2020-4047

    In affected versions of WordPress, authenticated users with
    upload permissions (like authors) are able to inject
    JavaScript into some media file attachment pages in a certain
    way. This can lead to script execution in the context of a
    higher privileged user when the file is viewed by them.

CVE-2020-4048

    In affected versions of WordPress, due to an issue in
    wp_validate_redirect() and URL sanitization, an arbitrary
    external link can be crafted leading to unintended/open
    redirect when clicked.
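
The Python below is an added illustration, not WordPress code and not
part of this advisory: it implements the class of check that
wp_validate_redirect() is meant to perform (accept only a local path,
or an http(s) URL whose host is on an allowlist) and exercises the
inputs that most often slip past a naive host comparison: scheme-relative
"//host", backslashes that browsers read as slashes, "https:host" with no
authority, userinfo tricks and control characters. The allowlist, the
fallback path and every test URL are constructed for the example.

```python
# Added example: redirect-target validation of the kind
# wp_validate_redirect() performs.  Not WordPress code.  ALLOWED_HOSTS,
# FALLBACK and the inputs in CASES are constructed for illustration.
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"blog.example"}   # the site's own host(s); constructed
FALLBACK = "/wp-admin/"            # safe place to send the user instead


def validate_redirect(location, fallback=FALLBACK, allowed_hosts=None):
    """Return `location` if it is a safe redirect target, else `fallback`.

    Safe means a local path, or an http(s) URL whose hostname is in
    `allowed_hosts`.  Anything ambiguous is rejected, not repaired.
    """
    if allowed_hosts is None:
        allowed_hosts = ALLOWED_HOSTS
    loc = location.strip()
    if not loc:
        return fallback
    # Browsers read backslashes as forward slashes, so "\\evil.example"
    # and "/\evil.example" are really "//evil.example".  Normalise first.
    loc = loc.replace("\\", "/")
    # Control characters can split headers or confuse the URL parser.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in loc):
        return fallback
    try:
        parts = urlsplit(loc)
    except ValueError:                        # e.g. malformed IPv6 literal
        return fallback
    scheme = parts.scheme.lower()
    if scheme and scheme not in ("http", "https"):
        return fallback                       # javascript:, data:, ...
    if scheme and not parts.netloc:
        return fallback                       # "https:evil.example", "https:///evil.example"
    if not parts.netloc:
        # No scheme, no authority: must be a local path.  Two or more
        # leading slashes are scheme-relative to a browser even when
        # urlsplit() reports an empty netloc ("///evil.example").
        if loc.startswith("//"):
            return fallback
        return loc if loc.startswith("/") else "/" + loc
    host = parts.hostname                     # already lower-cased, port stripped
    if not host or host not in allowed_hosts:
        return fallback
    return loc


# Constructed inputs: (candidate redirect, expected result).
CASES = [
    ("/wp-admin/edit.php", "/wp-admin/edit.php"),
    ("/wp-admin/?next=//evil.example", "/wp-admin/?next=//evil.example"),
    ("profile.php", "/profile.php"),
    ("https://blog.example/wp-admin/", "https://blog.example/wp-admin/"),
    ("//evil.example/", FALLBACK),
    ("///evil.example", FALLBACK),
    ("/\\evil.example", FALLBACK),
    ("https:evil.example", FALLBACK),
    ("https:///evil.example", FALLBACK),
    ("javascript:alert(1)", FALLBACK),
    ("https://blog.example@evil.example/", FALLBACK),
    ("https://blog.example.evil.example/", FALLBACK),
    ("/wp-admin/\r\nSet-Cookie: x=1", FALLBACK),
]

if __name__ == "__main__":
    for candidate, expected in CASES:
        got = validate_redirect(candidate)
        print(f"{'ok ' if got == expected else 'BAD'} {candidate!r:45} -> {got!r}")
```

The check rejects rather than rewrites: a target that does not parse
unambiguously as either a local path or an allowlisted http(s) URL is
replaced by the fallback, which is the behaviour wp_validate_redirect()
is documented to have when the host is not permitted.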

CVE-2020-4049

    In affected versions of WordPress, when uploading themes, the
    name of the theme folder can be crafted in a way that could
    lead to JavaScript execution in /wp-admin on the themes page.
    This requires an administrator to upload the theme and is a
    low-severity self-XSS.

CVE-2020-4050

    In affected versions of WordPress, misuse of the
    `set-screen-option` filter's return value allows arbitrary
    user meta fields to be saved. It does require an admin to
    install a plugin that would misuse the filter. Once installed,
    it can be leveraged by low privileged users.

For Debian 8 "Jessie", these problems have been fixed in version
4.1.31+dfsg-0+deb8u1.
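
Confirming that the fix is installed means comparing the package version
under Debian's version ordering, not as a string ("0+deb8u9" sorts after
"0+deb8u10" as text, and "1~bpo8+1" sorts before "1"). The Python below
is an added example, not part of this advisory or of Debian's tooling: it
reimplements dpkg's comparison rule, reads the installed version with
dpkg-query when that tool is present, and otherwise falls back to
constructed sample versions. On a Debian host the same check is
`dpkg --compare-versions "$(dpkg-query -W -f='${Version}' wordpress)" ge 4.1.31+dfsg-0+deb8u1`.

```python
# Added example: compare an installed Debian package version with the
# version this advisory names as fixed.  Not part of the advisory; the
# sample versions in __main__ are constructed.
import subprocess

FIXED_VERSION = "4.1.31+dfsg-0+deb8u1"   # from the advisory


def _order(c):
    """dpkg's character weight: '~' sorts before anything, including the
    end of the string; letters sort before other non-digit characters."""
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _cmp_part(a, b):
    """Compare an upstream-version or revision string as dpkg does:
    alternate non-digit runs (lexically, via _order) and digit runs
    (numerically), so '1.0~rc1' < '1.0' and 'deb8u9' < 'deb8u10'."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit run; end-of-string weighs 0, so only '~' sorts below it.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) and not a[i].isdigit() else 0
            bc = _order(b[j]) if j < len(b) and not b[j].isdigit() else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Digit run: drop leading zeros, then the longer run is larger,
        # otherwise the first differing digit decides.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        first_diff = 0
        while i < len(a) and a[i].isdigit() and j < len(b) and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version):
    """'[epoch:]upstream[-revision]' -> (int epoch, upstream, revision).
    A missing revision compares equal to '0', as Debian policy says."""
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    upstream, sep, revision = version.rpartition("-")
    if not sep:
        upstream, revision = version, ""
    return epoch, upstream, revision


def debian_version_cmp(v1, v2):
    """Negative, zero or positive as v1 is older than, equal to or newer
    than v2 under dpkg's ordering (epoch, then upstream, then revision)."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)


def is_fixed(installed, fixed=FIXED_VERSION):
    """True if `installed` is the fixed version or newer."""
    return debian_version_cmp(installed, fixed) >= 0


def installed_version(package="wordpress"):
    """Version reported by dpkg-query, or None if dpkg-query is unavailable
    or the package is not installed."""
    try:
        proc = subprocess.run(
            ["dpkg-query", "-W", "--showformat=${Version}", package],
            capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return None
    return proc.stdout.strip() or None


if __name__ == "__main__":
    current = installed_version()
    # Constructed sample versions, used when dpkg-query is not available.
    samples = [current] if current else [
        "4.1.30+dfsg-0+deb8u1", "4.1.31+dfsg-0+deb8u1",
        "4.1.31+dfsg-0+deb8u1~bpo8+1", "4.1.31+dfsg-0+deb8u2"]
    for v in samples:
        print(f"{v:32} {'fixed' if is_fixed(v) else 'VULNERABLE'}")
```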

We recommend that you upgrade your wordpress packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl78gFkACgkQgj6WdgbD
S5bzWQ//d3mbBTVlWczRLscTmlk2tqfdwKVXqhTrDHxUxEil01K2itZlfYxy7ahE
nZZUQc9QtEDxUPOdtwn3Ahkf6xJNU0de/QTYBSTJ03udFXfCDYCWEMlMc7tZi4vf
DZDWqv8/WiUzTj23AN7IwIpU3vl6HeSLO3BLKMijdSH9NUSu63Mtv0qkICHuVw4U
ScFesYL4bz+5DwxIMD7US/qShz0K0LXb1IIDIXmmWOPUD+IOtXv24WawOOhlOWK9
XdPBqR54+/ln2A1jm3JQ07mQwUuwZrmDqWWAfCD8ueybAjbbGlUuWlHg6p3abkpa
ZCpLMQSBGQZ1cjSNkR+qRHzBlMRayypAmDnyKcggo5xygnKsaEVRBlqTpWzp41iL
17AQvkhvxBIw9M4A6BePHNkBnaoEUeSlnTa2nFKEE76dsbvpvFRPmPse/hqvAD8W
1ZUt17ZLTfRkOXF+2js37UiXDMuPJaaLitUoGk1thkZq0qbsj6l3DLBqr9xWpOsU
fbGkezloJ/bYUskT0/wKzqfJcbHlniwb29m7f8xKSbTZQ2umG2JO7fy4GA09wF4q
nW/gGIo326YMCU54bp+3vTNrmF41yoPojDHC7W5BiQ+U0WJq5E122EZ4ysVOsa7a
cgteHs7xkSkO+5Wbe2u2AA6brOjh92aSc0edNcYBzTUZ/Yq69y8=
=c6Gi
-----END PGP SIGNATURE-----