[Secure-testing-team] Bug#862816: wordpress: Six security bugs in wordpress 4.7.4 and earlier
Craig Small
csmall at debian.org
Wed May 17 11:54:55 UTC 2017
Source: wordpress
Version: 4.7.4+dfsg-1
Severity: grave
Tags: upstream security
Justification: user security hole
Wordpress 4.7.4 and earlier has 6 security holes that are fixed in
4.7.5[1]
* 2.7.0 - 4.7.4
Insufficient redirect validation in the HTTP class.
* 2.5.0 - 4.7.4
Improper handling of post meta data values in the XML-RPC API.
* 3.4.0 - 4.7.4
Lack of capability checks for post meta data in the XML-RPC API.
* 2.5.0 - 4.7.4
A Cross Site Request Forgery (CRSF) vulnerability was discovered in the
filesystem credentials dialog.
* 3.3 - 4.7.4
A cross-site scripting (XSS) vulnerability was discovered when
attempting to upload very large files.
* 3.4.0 - 4.6.4
A cross-site scripting (XSS) vulnerability was discovered related to the
Customizer.
Looking at the versions, all distributions are vulnerable to all bugs,
yay me!
I'll request the CVEs and update when I get them.
1: https://wordpress.org/news/2017/05/wordpress-4-7-5/
-- System Information:
Debian Release: 9.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64
(x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
More information about the Secure-testing-team
mailing list