Vulnerabilites related to WordPress - WordPress
CVE-2019-16780 (GCVE-0-2019-16780)
Vulnerability from cvelistv5
Published
2019-12-26 16:50
Modified
2024-08-05 01:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:47.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9976"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x3wp-h3qx-9w94"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/commit/505dd6a20b6fc3d06130018c1caeff764248c29e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/738644"
},
{
"name": "20200108 [SECURITY] [DSA 4599-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2020/Jan/8"
},
{
"name": "DSA-4599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4599"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"lessThan": "5.3.1",
"status": "affected",
"version": "\u003c 5.3.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T12:06:14",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9976"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x3wp-h3qx-9w94"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/WordPress/wordpress-develop/commit/505dd6a20b6fc3d06130018c1caeff764248c29e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/738644"
},
{
"name": "20200108 [SECURITY] [DSA 4599-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2020/Jan/8"
},
{
"name": "DSA-4599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4599"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"source": {
"advisory": "GHSA-x3wp-h3qx-9w94",
"discovery": "UNKNOWN"
},
"title": "Stored cross-site scripting (XSS) in WordPress block editor",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16780",
"STATE": "PUBLIC",
"TITLE": "Stored cross-site scripting (XSS) in WordPress block editor"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "\u003c 5.3.1",
"version_value": "5.3.1"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpvulndb.com/vulnerabilities/9976",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9976"
},
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x3wp-h3qx-9w94",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x3wp-h3qx-9w94"
},
{
"name": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/",
"refsource": "MISC",
"url": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/"
},
{
"name": "https://github.com/WordPress/wordpress-develop/commit/505dd6a20b6fc3d06130018c1caeff764248c29e",
"refsource": "MISC",
"url": "https://github.com/WordPress/wordpress-develop/commit/505dd6a20b6fc3d06130018c1caeff764248c29e"
},
{
"name": "https://hackerone.com/reports/738644",
"refsource": "MISC",
"url": "https://hackerone.com/reports/738644"
},
{
"name": "20200108 [SECURITY] [DSA 4599-1] wordpress security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2020/Jan/8"
},
{
"name": "DSA-4599",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4599"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
}
]
},
"source": {
"advisory": "GHSA-x3wp-h3qx-9w94",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16780",
"datePublished": "2019-12-26T16:50:13",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:47.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58674 (GCVE-0-2025-58674)
Vulnerability from cvelistv5
Published
2025-09-23 18:47
Modified
2025-10-01 08:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: 6.8 < Version: 6.7 < Version: 6.6 < Version: 6.5 < Version: 6.4 < Version: 6.3 < Version: 6.2 < Version: 6.1 < Version: 6.0 < Version: 5.9 < Version: 5.8 < Version: 5.7 < Version: 5.6 < Version: 5.5 < Version: 5.4 < Version: 5.3 < Version: 5.2 < Version: 5.1 < Version: 5.0 < Version: 4.9 < Version: 4.8 < Version: 4.7 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58674",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T19:15:09.886956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T19:17:35.099Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress",
"repo": "https://github.com/WordPress/WordPress",
"vendor": "WordPress",
"versions": [
{
"changes": [
{
"at": "6.8.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.8.2",
"status": "affected",
"version": "6.8",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.7.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.7.3",
"status": "affected",
"version": "6.7",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.6.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.6.3",
"status": "affected",
"version": "6.6",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.5.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.5.6",
"status": "affected",
"version": "6.5",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.4.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.3.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.3.6",
"status": "affected",
"version": "6.3",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.2.7",
"status": "affected",
"version": "6.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.1.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.1.8",
"status": "affected",
"version": "6.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.0.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.9.12",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.9.11",
"status": "affected",
"version": "5.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.8.12",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.8.11",
"status": "affected",
"version": "5.8",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.7.14",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.7.13",
"status": "affected",
"version": "5.7",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.6.16",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.6.15",
"status": "affected",
"version": "5.6",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.5.17",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.5.16",
"status": "affected",
"version": "5.5",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.4.18",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.4.17",
"status": "affected",
"version": "5.4",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.3.20",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.3.19",
"status": "affected",
"version": "5.3",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.2.23",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.2.22",
"status": "affected",
"version": "5.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.1.21",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.1.20",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.0.24",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.23",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "4.9.28",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.9.27",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "4.8.27",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.8.26",
"status": "affected",
"version": "4.8",
"versionType": "custom"
},
{
"changes": [
{
"at": "4.7.31",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.7.30",
"status": "affected",
"version": "4.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "savphill (Patchstack Bug Bounty Program)"
},
{
"lang": "en",
"type": "coordinator",
"value": "John Blackbourn (WordPress core security team lead)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.\u003c/span\u003e\u003cp\u003eThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user privileges to execute the attack vector.This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T08:35:39.048Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
},
{
"tags": [
"release-notes"
],
"url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
}
],
"value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "WordPress \u003c= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58674",
"datePublished": "2025-09-23T18:47:02.628Z",
"dateReserved": "2025-09-03T09:03:46.831Z",
"dateUpdated": "2025-10-01T08:35:39.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11029 (GCVE-0-2020-11029)
Vulnerability from cvelistv5
Published
2020-04-30 22:15
Modified
2024-08-04 11:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: >= 5.4.0, < 5.4.1 Version: >= 5.3.0, < 5.3.3 Version: >= 5.2.0, < 5.2.6 Version: >= 5.1.0, < 5.1.5 Version: >= 5.0.0, < 5.0.9 Version: >= 4.9.0, < 4.9.14 Version: >= 4.8.0, < 4.8.13 Version: >= 4.7.0, < 4.7.17 Version: >= 4.6.0, < 4.6.18 Version: >= 4.5.0, < 4.5.21 Version: >= 4.4.0, < 4.4.22 Version: >= 4.3.0, < 4.3.23 Version: >= 4.2.0, < 4.2.27 Version: >= 4.1.0, < 4.1.30 Version: >= 4.0.0, < 4.0.30 Version: >= 3.9.0, < 3.9.31 Version: >= 3.8.0, < 3.8.33 Version: >= 3.7.0, < 3.7.33 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-568w-8m88-8g2c"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"status": "affected",
"version": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"status": "affected",
"version": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"status": "affected",
"version": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"status": "affected",
"version": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"status": "affected",
"version": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"status": "affected",
"version": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"status": "affected",
"version": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T15:06:04",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-568w-8m88-8g2c"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
],
"source": {
"advisory": "GHSA-568w-8m88-8g2c",
"discovery": "UNKNOWN"
},
"title": "Cross-site scripting in stats method (object cache) in WordPress",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11029",
"STATE": "PUBLIC",
"TITLE": "Cross-site scripting in stats method (object cache) in WordPress"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"version_value": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"version_value": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"version_value": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"version_value": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"version_value": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"version_value": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"version_value": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"version_value": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"version_value": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"version_value": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"version_value": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"version_value": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"version_value": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"version_value": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates",
"refsource": "MISC",
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-568w-8m88-8g2c",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-568w-8m88-8g2c"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
]
},
"source": {
"advisory": "GHSA-568w-8m88-8g2c",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11029",
"datePublished": "2020-04-30T22:15:18",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16781 (GCVE-0-2019-16781)
Vulnerability from cvelistv5
Published
2019-12-26 17:00
Modified
2024-08-05 01:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpvulndb.com/vulnerabilities/9976"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/731301"
},
{
"name": "20200108 [SECURITY] [DSA 4599-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2020/Jan/8"
},
{
"name": "DSA-4599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4599"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"lessThan": "5.3.1",
"status": "affected",
"version": "\u003c 5.3.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T12:06:10",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpvulndb.com/vulnerabilities/9976"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/731301"
},
{
"name": "20200108 [SECURITY] [DSA 4599-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2020/Jan/8"
},
{
"name": "DSA-4599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4599"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"source": {
"advisory": "GHSA-pg4x-64rh-3c9v",
"discovery": "UNKNOWN"
},
"title": "Stored cross-site scripting (XSS) in WordPress block editor",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2019-16781",
"STATE": "PUBLIC",
"TITLE": "Stored cross-site scripting (XSS) in WordPress block editor"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "\u003c 5.3.1",
"version_value": "5.3.1"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpvulndb.com/vulnerabilities/9976",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9976"
},
{
"name": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/",
"refsource": "MISC",
"url": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/"
},
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v"
},
{
"name": "https://hackerone.com/reports/731301",
"refsource": "MISC",
"url": "https://hackerone.com/reports/731301"
},
{
"name": "20200108 [SECURITY] [DSA 4599-1] wordpress security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2020/Jan/8"
},
{
"name": "DSA-4599",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4599"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
}
]
},
"source": {
"advisory": "GHSA-pg4x-64rh-3c9v",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2019-16781",
"datePublished": "2019-12-26T17:00:17",
"dateReserved": "2019-09-24T00:00:00",
"dateUpdated": "2024-08-05T01:24:48.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5561 (GCVE-0-2023-5561)
Vulnerability from cvelistv5
Published
2023-10-16 19:39
Modified
2025-04-23 16:12
Severity ?
VLAI Severity ?
EPSS score ?
Summary
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: 6.3.0 ≤ Version: 6.2.0 ≤ Version: 6.1.0 ≤ Version: 6.0.0 ≤ Version: 5.9.0 ≤ Version: 5.8.0 ≤ Version: 5.7.0 ≤ Version: 5.6.0 ≤ Version: 5.5.0 ≤ Version: 5.4.0 ≤ Version: 5.3.0 ≤ Version: 5.2.0 ≤ Version: 5.0.0 ≤ Version: 4.9.0 ≤ Version: 4.8.0 ≤ Version: 4.7.0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5561",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T16:07:50.654852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:12:25.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"lessThan": "6.3.2",
"status": "affected",
"version": "6.3.0",
"versionType": "semver"
},
{
"lessThan": "6.2.3",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1.0",
"versionType": "semver"
},
{
"lessThan": "6.0.6",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
},
{
"lessThan": "5.9.8",
"status": "affected",
"version": "5.9.0",
"versionType": "semver"
},
{
"lessThan": "5.8.8",
"status": "affected",
"version": "5.8.0",
"versionType": "semver"
},
{
"lessThan": "5.7.10",
"status": "affected",
"version": "5.7.0",
"versionType": "semver"
},
{
"lessThan": "5.6.12",
"status": "affected",
"version": "5.6.0",
"versionType": "semver"
},
{
"lessThan": "5.5.13",
"status": "affected",
"version": "5.5.0",
"versionType": "semver"
},
{
"lessThan": "5.4.14",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "5.3.16",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.2.19",
"status": "affected",
"version": "5.2.0",
"versionType": "semver"
},
{
"lessThan": "5.0.20",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
},
{
"lessThan": "4.9.24",
"status": "affected",
"version": "4.9.0",
"versionType": "semver"
},
{
"lessThan": "4.8.23",
"status": "affected",
"version": "4.8.0",
"versionType": "semver"
},
{
"lessThan": "4.7.27",
"status": "affected",
"version": "4.7.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marc Montpas"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-20T23:06:10.636Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441"
},
{
"tags": [
"technical-description"
],
"url": "https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00014.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress \u003c 6.3.2 - Unauthenticated Post Author Email Disclosure",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-5561",
"datePublished": "2023-10-16T19:39:10.424Z",
"dateReserved": "2023-10-12T17:42:19.461Z",
"dateUpdated": "2025-04-23T16:12:25.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58246 (GCVE-0-2025-58246)
Vulnerability from cvelistv5
Published
2025-09-23 17:17
Modified
2025-10-01 08:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-201 - Insertion of Sensitive Information Into Sent Data
Summary
Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.
This issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: 6.8 < Version: 6.7 < Version: 6.6 < Version: 6.5 < Version: 6.4 < Version: 6.3 < Version: 6.2 < Version: 6.1 < Version: 6.0 < Version: 5.9 < Version: 5.8 < Version: 5.7 < Version: 5.6 < Version: 5.5 < Version: 5.4 < Version: 5.3 < Version: 5.2 < Version: 5.1 < Version: 5.0 < Version: 4.9 < Version: 4.8 < Version: 4.7 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:30:39.501670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:37:38.153Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress",
"repo": "https://github.com/WordPress/WordPress",
"vendor": "WordPress",
"versions": [
{
"changes": [
{
"at": "6.8.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.8.2",
"status": "affected",
"version": "6.8",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.7.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.7.3",
"status": "affected",
"version": "6.7",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.6.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.6.3",
"status": "affected",
"version": "6.6",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.5.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.5.6",
"status": "affected",
"version": "6.5",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.4.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.4.6",
"status": "affected",
"version": "6.4",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.3.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.3.6",
"status": "affected",
"version": "6.3",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.2.7",
"status": "affected",
"version": "6.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.1.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.1.8",
"status": "affected",
"version": "6.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.0.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.0.10",
"status": "affected",
"version": "6.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.9.12",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.9.11",
"status": "affected",
"version": "5.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.8.12",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.8.11",
"status": "affected",
"version": "5.8",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.7.14",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.7.13",
"status": "affected",
"version": "5.7",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.6.16",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.6.15",
"status": "affected",
"version": "5.6",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.5.17",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.5.16",
"status": "affected",
"version": "5.5",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.4.18",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.4.17",
"status": "affected",
"version": "5.4",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.3.20",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.3.19",
"status": "affected",
"version": "5.3",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.2.23",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.2.22",
"status": "affected",
"version": "5.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.1.21",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.1.20",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "5.0.24",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.23",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "4.9.28",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.9.27",
"status": "affected",
"version": "4.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "4.8.27",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.8.26",
"status": "affected",
"version": "4.8",
"versionType": "custom"
},
{
"changes": [
{
"at": "4.7.31",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.7.30",
"status": "affected",
"version": "4.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Abu Hurayra (Patchstack Bug Bounty Program)"
},
{
"lang": "en",
"type": "coordinator",
"value": "John Blackbourn (WordPress core security team lead)"
},
{
"lang": "en",
"type": "reporter",
"value": "Timothy Jacobs"
},
{
"lang": "en",
"type": "reporter",
"value": "Peter Wilson"
},
{
"lang": "en",
"type": "reporter",
"value": "Mike Nelson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30.\u003c/p\u003e"
}
],
"value": "Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to exploit it.\nThis issue affects WordPress: from 6.8 through 6.8.2, from 6.7 through 6.7.3, from 6.6 through 6.6.3, from 6.5 through 6.5.6, from 6.4 through 6.4.6, from 6.3 through 6.3.6, from 6.2 through 6.2.7, from 6.1 through 6.1.8, from 6.0 through 6.0.10, from 5.9 through 5.9.11, from 5.8 through 5.8.11, from 5.7 through 5.7.13, from 5.6 through 5.6.15, from 5.5 through 5.5.16, from 5.4 through 5.4.17, from 5.3 through 5.3.19, from 5.2 through 5.2.22, from 5.1 through 5.1.20, from 5.0 through 5.0.23, from 4.9 through 4.9.27, from 4.8 through 4.8.26, from 4.7 through 4.7.30."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-201",
"description": "CWE-201 Insertion of Sensitive Information Into Sent Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T08:37:01.207Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/wordpress/wordpress/vulnerability/wordpress-wordpress-wordpress-6-8-2-sensitive-data-exposure-vulnerability?_s_id=cve"
},
{
"tags": [
"release-notes"
],
"url": "https://wordpress.org/news/2025/09/wordpress-6-8-3-release/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
}
],
"value": "Update WordPress to one of the following patched or higher versions: 6.8.3, 6.7.4, 6.6.4, 6.5.7, 6.4.7, 6.3.7, 6.2.8, 6.1.9, 6.0.11, 5.9.12, 5.8.12, 5.7.14, 5.6.16, 5.5.17, 5.4.18, 5.3.20, 5.2.23, 5.1.21, 5.0.24, 4.9.28, 4.8.27, or 4.7.31."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "WordPress \u003c= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-58246",
"datePublished": "2025-09-23T17:17:12.399Z",
"dateReserved": "2025-08-27T16:19:44.959Z",
"dateUpdated": "2025-10-01T08:37:01.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11027 (GCVE-0-2020-11027)
Vulnerability from cvelistv5
Published
2020-04-30 00:00
Modified
2024-08-04 11:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-672 - Operation on a Resource after Expiration or Release
Summary
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: >= 5.4.0, < 5.4.1 Version: >= 5.3.0, < 5.3.3 Version: >= 5.2.0, < 5.2.6 Version: >= 5.1.0, < 5.1.5 Version: >= 5.0.0, < 5.0.9 Version: >= 4.9.0, < 4.9.14 Version: >= 4.8.0, < 4.8.13 Version: >= 4.7.0, < 4.7.17 Version: >= 4.6.0, < 4.6.18 Version: >= 4.5.0, < 4.5.21 Version: >= 4.4.0, < 4.4.22 Version: >= 4.3.0, < 4.3.23 Version: >= 4.2.0, < 4.2.27 Version: >= 4.1.0, < 4.1.30 Version: >= 4.0.0, < 4.0.30 Version: >= 3.9.0, < 3.9.31 Version: >= 3.8.0, < 3.8.33 Version: >= 3.7.0, < 3.7.33 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-ww7v-jg8c-q6jw"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173034/WordPress-Theme-Medic-1.0.0-Weak-Password-Recovery-Mechanism.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"status": "affected",
"version": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"status": "affected",
"version": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"status": "affected",
"version": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"status": "affected",
"version": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"status": "affected",
"version": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"status": "affected",
"version": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"status": "affected",
"version": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672: Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-20T00:00:00",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-ww7v-jg8c-q6jw"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
},
{
"url": "http://packetstormsecurity.com/files/173034/WordPress-Theme-Medic-1.0.0-Weak-Password-Recovery-Mechanism.html"
}
],
"source": {
"advisory": "GHSA-ww7v-jg8c-q6jw",
"discovery": "UNKNOWN"
},
"title": "Password reset links invalidation issue in WordPress"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11027",
"datePublished": "2020-04-30T00:00:00",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11025 (GCVE-0-2020-11025)
Vulnerability from cvelistv5
Published
2020-04-30 22:10
Modified
2024-08-04 11:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: >= 5.4.0, < 5.4.1 Version: >= 5.3.0, < 5.3.3 Version: >= 5.2.0, < 5.2.6 Version: >= 5.1.0, < 5.1.5 Version: >= 5.0.0, < 5.0.9 Version: >= 4.9.0, < 4.9.14 Version: >= 4.8.0, < 4.8.13 Version: >= 4.7.0, < 4.7.17 Version: >= 4.6.0, < 4.6.18 Version: >= 4.5.0, < 4.5.21 Version: >= 4.4.0, < 4.4.22 Version: >= 4.3.0, < 4.3.23 Version: >= 4.2.0, < 4.2.27 Version: >= 4.1.0, < 4.1.30 Version: >= 4.0.0, < 4.0.30 Version: >= 3.9.0, < 3.9.31 Version: >= 3.8.0, < 3.8.33 Version: >= 3.7.0, < 3.7.33 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4mhg-j6fx-5g3c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"status": "affected",
"version": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"status": "affected",
"version": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"status": "affected",
"version": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"status": "affected",
"version": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"status": "affected",
"version": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"status": "affected",
"version": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"status": "affected",
"version": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T12:06:15",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4mhg-j6fx-5g3c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"source": {
"advisory": "GHSA-4mhg-j6fx-5g3c",
"discovery": "UNKNOWN"
},
"title": "Authenticated cross-site scripting (XSS) in WordPress Customizer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11025",
"STATE": "PUBLIC",
"TITLE": "Authenticated cross-site scripting (XSS) in WordPress Customizer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"version_value": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"version_value": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"version_value": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"version_value": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"version_value": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"version_value": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"version_value": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"version_value": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"version_value": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"version_value": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"version_value": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"version_value": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"version_value": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"version_value": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4mhg-j6fx-5g3c",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4mhg-j6fx-5g3c"
},
{
"name": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates",
"refsource": "MISC",
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
}
]
},
"source": {
"advisory": "GHSA-4mhg-j6fx-5g3c",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11025",
"datePublished": "2020-04-30T22:10:11",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11026 (GCVE-0-2020-11026)
Vulnerability from cvelistv5
Published
2020-04-30 22:15
Modified
2024-08-04 11:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-707 - Improper Neutralization
Summary
In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with privileges to upload files. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: >= 5.4.0, < 5.4.1 Version: >= 5.3.0, < 5.3.3 Version: >= 5.2.0, < 5.2.6 Version: >= 5.1.0, < 5.1.5 Version: >= 5.0.0, < 5.0.9 Version: >= 4.9.0, < 4.9.14 Version: >= 4.8.0, < 4.8.13 Version: >= 4.7.0, < 4.7.17 Version: >= 4.6.0, < 4.6.18 Version: >= 4.5.0, < 4.5.21 Version: >= 4.4.0, < 4.4.22 Version: >= 4.3.0, < 4.3.23 Version: >= 4.2.0, < 4.2.27 Version: >= 4.1.0, < 4.1.30 Version: >= 4.0.0, < 4.0.30 Version: >= 3.9.0, < 3.9.31 Version: >= 3.8.0, < 3.8.33 Version: >= 3.7.0, < 3.7.33 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-3gw2-4656-pfr2"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"status": "affected",
"version": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"status": "affected",
"version": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"status": "affected",
"version": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"status": "affected",
"version": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"status": "affected",
"version": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"status": "affected",
"version": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"status": "affected",
"version": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with privileges to upload files. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-707",
"description": "CWE-707: Improper Neutralization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T15:06:03",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-3gw2-4656-pfr2"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
],
"source": {
"advisory": "GHSA-3gw2-4656-pfr2",
"discovery": "UNKNOWN"
},
"title": "Specially crafted filenames in WordPress leading to XSS",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11026",
"STATE": "PUBLIC",
"TITLE": "Specially crafted filenames in WordPress leading to XSS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"version_value": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"version_value": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"version_value": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"version_value": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"version_value": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"version_value": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"version_value": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"version_value": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"version_value": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"version_value": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"version_value": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"version_value": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"version_value": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"version_value": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with privileges to upload files. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-707: Improper Neutralization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates",
"refsource": "MISC",
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-3gw2-4656-pfr2",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-3gw2-4656-pfr2"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
]
},
"source": {
"advisory": "GHSA-3gw2-4656-pfr2",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11026",
"datePublished": "2020-04-30T22:15:32",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11028 (GCVE-0-2020-11028)
Vulnerability from cvelistv5
Published
2020-04-30 22:15
Modified
2024-08-04 11:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: >= 5.4.0, < 5.4.1 Version: >= 5.3.0, < 5.3.3 Version: >= 5.2.0, < 5.2.6 Version: >= 5.1.0, < 5.1.5 Version: >= 5.0.0, < 5.0.9 Version: >= 4.9.0, < 4.9.14 Version: >= 4.8.0, < 4.8.13 Version: >= 4.7.0, < 4.7.17 Version: >= 4.6.0, < 4.6.18 Version: >= 4.5.0, < 4.5.21 Version: >= 4.4.0, < 4.4.22 Version: >= 4.3.0, < 4.3.23 Version: >= 4.2.0, < 4.2.27 Version: >= 4.1.0, < 4.1.30 Version: >= 4.0.0, < 4.0.30 Version: >= 3.9.0, < 3.9.31 Version: >= 3.8.0, < 3.8.33 Version: >= 3.7.0, < 3.7.33 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xhx9-759f-6p2w"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"status": "affected",
"version": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"status": "affected",
"version": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"status": "affected",
"version": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"status": "affected",
"version": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"status": "affected",
"version": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"status": "affected",
"version": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"status": "affected",
"version": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T15:06:02",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xhx9-759f-6p2w"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
],
"source": {
"advisory": "GHSA-xhx9-759f-6p2w",
"discovery": "UNKNOWN"
},
"title": "Unauthenticated disclosure of certain private posts in WordPress",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11028",
"STATE": "PUBLIC",
"TITLE": "Unauthenticated disclosure of certain private posts in WordPress"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"version_value": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"version_value": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"version_value": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"version_value": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"version_value": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"version_value": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"version_value": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"version_value": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"version_value": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"version_value": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"version_value": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"version_value": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"version_value": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"version_value": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates",
"refsource": "MISC",
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xhx9-759f-6p2w",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xhx9-759f-6p2w"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
},
{
"name": "[debian-lts-announce] 20200511 [SECURITY] [DLA 2208-1] wordpress security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00011.html"
}
]
},
"source": {
"advisory": "GHSA-xhx9-759f-6p2w",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11028",
"datePublished": "2020-04-30T22:15:23",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-11030 (GCVE-0-2020-11030)
Vulnerability from cvelistv5
Published
2020-04-30 22:15
Modified
2024-08-04 11:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-707 - Improper Neutralization
Summary
In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WordPress | WordPress |
Version: >= 5.4.0, < 5.4.1 Version: >= 5.3.0, < 5.3.3 Version: >= 5.2.0, < 5.2.6 Version: >= 5.1.0, < 5.1.5 Version: >= 5.0.0, < 5.0.9 Version: >= 4.9.0, < 4.9.14 Version: >= 4.8.0, < 4.8.13 Version: >= 4.7.0, < 4.7.17 Version: >= 4.6.0, < 4.6.18 Version: >= 4.5.0, < 4.5.21 Version: >= 4.4.0, < 4.4.22 Version: >= 4.3.0, < 4.3.23 Version: >= 4.2.0, < 4.2.27 Version: >= 4.1.0, < 4.1.30 Version: >= 4.0.0, < 4.0.30 Version: >= 3.9.0, < 3.9.31 Version: >= 3.8.0, < 3.8.33 Version: >= 3.7.0, < 3.7.33 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"status": "affected",
"version": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"status": "affected",
"version": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"status": "affected",
"version": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"status": "affected",
"version": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"status": "affected",
"version": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"status": "affected",
"version": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"status": "affected",
"version": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"status": "affected",
"version": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"status": "affected",
"version": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"status": "affected",
"version": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-707",
"description": "CWE-707: Improper Neutralization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T12:06:11",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"
},
{
"name": "DSA-4677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4677"
}
],
"source": {
"advisory": "GHSA-vccm-6gmc-qhjh",
"discovery": "UNKNOWN"
},
"title": "Cross-site scripting (XSS) in Search block in WordPress",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11030",
"STATE": "PUBLIC",
"TITLE": "Cross-site scripting (XSS) in Search block in WordPress"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.4.0, \u003c 5.4.1"
},
{
"version_value": "\u003e= 5.3.0, \u003c 5.3.3"
},
{
"version_value": "\u003e= 5.2.0, \u003c 5.2.6"
},
{
"version_value": "\u003e= 5.1.0, \u003c 5.1.5"
},
{
"version_value": "\u003e= 5.0.0, \u003c 5.0.9"
},
{
"version_value": "\u003e= 4.9.0, \u003c 4.9.14"
},
{
"version_value": "\u003e= 4.8.0, \u003c 4.8.13"
},
{
"version_value": "\u003e= 4.7.0, \u003c 4.7.17"
},
{
"version_value": "\u003e= 4.6.0, \u003c 4.6.18"
},
{
"version_value": "\u003e= 4.5.0, \u003c 4.5.21"
},
{
"version_value": "\u003e= 4.4.0, \u003c 4.4.22"
},
{
"version_value": "\u003e= 4.3.0, \u003c 4.3.23"
},
{
"version_value": "\u003e= 4.2.0, \u003c 4.2.27"
},
{
"version_value": "\u003e= 4.1.0, \u003c 4.1.30"
},
{
"version_value": "\u003e= 4.0.0, \u003c 4.0.30"
},
{
"version_value": "\u003e= 3.9.0, \u003c 3.9.31"
},
{
"version_value": "\u003e= 3.8.0, \u003c 3.8.33"
},
{
"version_value": "\u003e= 3.7.0, \u003c 3.7.33"
}
]
}
}
]
},
"vendor_name": "WordPress"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-707: Improper Neutralization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates",
"refsource": "MISC",
"url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"
},
{
"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh",
"refsource": "CONFIRM",
"url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"
},
{
"name": "DSA-4677",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4677"
}
]
},
"source": {
"advisory": "GHSA-vccm-6gmc-qhjh",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11030",
"datePublished": "2020-04-30T22:15:14",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3590 (GCVE-0-2022-3590)
Vulnerability from cvelistv5
Published
2022-12-14 08:33
Modified
2025-04-21 14:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:14:02.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/c8814e6e-78b3-4f63-a1d3-6906a84c1f11"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-3590",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-21T14:10:54.697734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T14:12:02.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"lessThanOrEqual": "6.1.1",
"status": "affected",
"version": "4.1.30",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thomas Chauchefoin"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
},
{
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-10T09:10:27.114Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/c8814e6e-78b3-4f63-a1d3-6906a84c1f11"
},
{
"url": "https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WP \u003c= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-3590",
"datePublished": "2022-12-14T08:33:40.434Z",
"dateReserved": "2022-10-18T14:10:29.395Z",
"dateUpdated": "2025-04-21T14:12:02.956Z",
"requesterUserId": "dc9e157c-ddf1-4983-adaf-9f01d16b5e04",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54352 (GCVE-0-2025-54352)
Vulnerability from cvelistv5
Published
2025-07-21 00:00
Modified
2025-07-21 18:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-669 - Incorrect Resource Transfer Between Spheres
Summary
WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54352",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T18:14:44.588087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T18:15:20.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WordPress",
"vendor": "WordPress",
"versions": [
{
"lessThanOrEqual": "6.8.2",
"status": "affected",
"version": "3.5",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.8.2",
"versionStartIncluding": "3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-669",
"description": "CWE-669 Incorrect Resource Transfer Between Spheres",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T04:27:10.814Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.imperva.com/blog/beware-a-threat-actor-could-steal-the-titles-of-your-private-and-draft-wordpress-posts/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-54352",
"datePublished": "2025-07-21T00:00:00.000Z",
"dateReserved": "2025-07-21T00:00:00.000Z",
"dateUpdated": "2025-07-21T18:15:20.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}