[Secure-testing-team] Bug#880528: wordpress: Unsafe queries with wpdb->prepare
Craig Small
csmall at debian.org
Wed Nov 1 19:40:04 UTC 2017
Source: wordpress
Version: 4.8.2+dfsg-2
Severity: grave
Tags: upstream security
Justification: user security hole
WordPress versions 4.8.2 and earlier are affected by an issue where
$wpdb->prepare() can create unexpected and unsafe queries leading to
potential SQL injection (SQLi). WordPress core is not directly vulnerable
to this issue, but we’ve added hardening to prevent plugins and themes from
accidentally causing a vulnerability.
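The advisory above describes two ways a vsprintf-style prepare() can go wrong: the caller's placeholder count and argument count disagree, or a previously prepared fragment (or other data) is pasted back into a format string, so a `%s` that originated as data is counted as a placeholder the second time round. The PHP below is an added illustration, not WordPress's wpdb code and not from the linked commit; `ToyDb`, `prepareNaive`, `prepare` and `finalize` are hypothetical names, `addslashes` stands in for real driver escaping, and the random marker that neutralises `%` inside values (kept in the prepared string and stripped only at execution time) is modelled on the spirit of the 4.8.3 hardening, simplified. The sample input is constructed. Requires PHP 7.4 or later.

```php
<?php
// Added example, not WordPress code: a simplified model of a vsprintf-based
// prepare(), showing the accidental-misuse cases the advisory refers to and a
// hardening in the spirit of the 4.8.3 change. Names here are hypothetical.

final class ToyDb
{
    // Random per-instance stand-in for '%' inside values. Because it is random,
    // untrusted data cannot contain it in advance.
    private string $marker;

    public function __construct()
    {
        $this->marker = '{pct-' . bin2hex(random_bytes(8)) . '}';
    }

    // Naive model of the old behaviour: every "%s" that reaches the format
    // string is a placeholder, wherever it came from.
    public function prepareNaive(string $query, array $args): string
    {
        $query = str_replace('%s', "'%s'", $query);   // quote string placeholders
        try {
            $sql = @vsprintf($query, array_map('addslashes', $args));
        } catch (ValueError $e) {      // PHP 8 reports a count mismatch this way
            $sql = false;
        }
        if ($sql === false) {          // PHP 7 reports it by returning false
            throw new RuntimeException('naive prepare: placeholder/argument count mismatch');
        }
        return $sql;
    }

    // Hardened model: refuse a count mismatch outright, and replace '%' inside
    // values with the marker. The marker is deliberately left in the returned
    // SQL so that re-preparing this result cannot turn data into a placeholder;
    // it is removed only in finalize(), just before execution.
    public function prepare(string $query, array $args): string
    {
        $expected = preg_match_all('/%[sdf]/', $query);
        if ($expected !== count($args)) {
            throw new InvalidArgumentException(
                "prepare(): $expected placeholder(s) but " . count($args) . " argument(s)");
        }
        $query = str_replace('%s', "'%s'", $query);
        $safe = array_map(
            fn($v) => str_replace('%', $this->marker, addslashes((string) $v)),
            $args
        );
        return vsprintf($query, $safe);
    }

    // Last step before the SQL is handed to the server: restore literal '%'.
    public function finalize(string $sql): string
    {
        return str_replace($this->marker, '%', $sql);
    }
}

$db = new ToyDb();
$untrusted = "O'Brien %s";   // constructed sample input: a quote and a percent sequence

// Correct use: constant format string, all data through the arguments.
$sql = $db->prepare("SELECT id FROM users WHERE name = %s AND status = %d", [$untrusted, 1]);
echo $db->finalize($sql), "\n";
// SELECT id FROM users WHERE name = 'O\'Brien %s' AND status = 1

// Accidental misuse: a prepared fragment pasted back into a later format string.
// Under the naive model the '%s' that came from data now counts as a placeholder,
// so the second call sees two placeholders for one argument.
$fragment = $db->prepareNaive("name = %s", [$untrusted]);
try {
    $db->prepareNaive("SELECT id FROM users WHERE $fragment AND status = %s", ['active']);
} catch (RuntimeException $e) {
    echo "naive re-prepare: ", $e->getMessage(), "\n";
}

// Under the hardened model the marker survives inside $fragment, the second
// call sees exactly one placeholder, and the '%' only reappears at finalize().
$fragment = $db->prepare("name = %s", [$untrusted]);
$sql = $db->prepare("SELECT id FROM users WHERE $fragment AND status = %s", ['active']);
echo $db->finalize($sql), "\n";
// SELECT id FROM users WHERE name = 'O\'Brien %s' AND status = 'active'
```

The rule for plugin and theme code stays the same either way: the format string is a constant and every value, including anything previously returned by prepare(), goes through the arguments. The marker only contains the damage when that rule is broken by accident, which is what the advisory means by hardening rather than a core fix.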
I have attempted to get a CVE id for it but the Mitre website is
throwing errors again on the submit button.
References:
https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
https://wpvulndb.com/vulnerabilities/8941
https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.12.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)