Debian Security Advisory
DSA-2757-1 wordpress -- several vulnerabilities
- Date Reported:
- 14 Sep 2013
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 722537.
In Mitre's CVE dictionary: CVE-2013-4338, CVE-2013-4339, CVE-2013-4340, CVE-2013-5738, CVE-2013-5739.
- More information:
Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches.
This means extra care should be taken when upgrading, especially when using third-party plugins or themes, since compatibility may have been impacted along the way. We recommend that users check their install before doing the upgrade.
Unsafe PHP unserialization in wp-includes/functions.php could cause arbitrary code execution.
Insufficient input validation could result in redirecting or leading a user to another website.
Privilege escalation allowing an user with an author role to create an entry appearing as written by another user.
Insufficient capabilities were required for uploading .html/.html files, making it easier for authenticated users to conduct cross-site scripting attacks (XSS) using crafted html file uploads.
Default Wordpress configuration allowed file upload for .swf/.exe files, making it easier for authenticated users to conduct cross-site scripting attacks (XSS).
For the oldstable distribution (squeeze), these problems have been fixed in version 3.6.1+dfsg-1~deb6u1.
For the stable distribution (wheezy), these problems have been fixed in version 3.6.1+dfsg-1~deb7u1.
For the testing distribution (jessie), these problems have been fixed in version 3.6.1+dfsg-1.
For the unstable distribution (sid), these problems have been fixed in version 3.6.1+dfsg-1.
We recommend that you upgrade your wordpress packages.