FreeBSD : wordpress -- multiple vulnerabilities (14ea4458-e5cd-11e6-b56d-38d547003487)

critical Nessus Plugin ID 96850

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Aaron D. Campbell reports :

WordPress versions 4.7.1 and earlier are affected by three security issues :

- The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it.

- WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we've added hardening to prevent plugins and themes from accidentally causing a vulnerability.

- A cross-site scripting (XSS) vulnerability was discovered in the posts list table.

- An unauthenticated privilege escalation vulnerability was discovered in a REST API endpoint.

Solution

Update the affected packages.

See Also

https://www.openwall.com/lists/oss-security/2017/01/28/5

https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/

http://www.nessus.org/u?aeb834e4

http://www.nessus.org/u?fc40e1c2

Plugin Details

Severity: Critical

ID: 96850

File Name: freebsd_pkg_14ea4458e5cd11e6b56d38d547003487.nasl

Version: 3.7

Type: local

Published: 1/30/2017

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:de-wordpress, p-cpe:/a:freebsd:freebsd:ja-wordpress, p-cpe:/a:freebsd:freebsd:ru-wordpress, p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_cn, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:wordpress, p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_tw

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/29/2017

Vulnerability Publication Date: 1/26/2017

Reference Information

CVE: CVE-2017-5610, CVE-2017-5611, CVE-2017-5612