DebianDEBIAN:DLA-1151-1:7BFD7[SECURITY] [DLA 1151-1] wordpress security update
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.9%
Package : wordpress
Version : 3.6.1+dfsg-1~deb7u17
CVE ID : CVE-2016-9263 CVE-2017-14718 CVE-2017-14719
CVE-2017-14720 CVE-2017-14721 CVE-2017-14722
CVE-2017-14723 CVE-2017-14725 CVE-2017-14990
Debian Bug : 876274 877629
Several vulnerabilities were discovered in wordpress, a web blogging
tool. The Common Vulnerabilities and Exposures project identifies the
following issues.
CVE-2016-9263
When domain-based flashmediaelement.swf sandboxing is not used,
allows remote attackers to conduct cross-domain Flash injection
(XSF) attacks by leveraging code contained within the
wp-includes/js/mediaelement/flashmediaelement.swf file.
This issue was resolved by completely removing
flashmediaelement.swf.
CVE-2017-14718
WordPress was susceptible to a Cross-Site Scripting attack in the
link modal via a javascript: or data: URL.
CVE-2017-14719
WordPress was vulnerable to a directory traversal attack during
unzip operations in the ZipArchive and PclZip components.
CVE-2017-14720
WordPress allowed a Cross-Site scripting attack in the template list
view via a crafted template name.
CVE-2017-14721
WordPress allowed Cross-Site scripting in the plugin editor via a
crafted plugin name.
CVE-2017-14722
WordPress allowed a Directory Traversal attack in the Customizer
component via a crafted theme filename.
CVE-2017-14723
WordPress mishandled % characters and additional placeholder values
in $wpdb->prepare, and thus did not properly address the possibility
of plugins and themes enabling SQL injection attacks.
CVE-2017-14725
WordPress was susceptible to an open redirect attack in
wp-admin/user-edit.php.
CVE-2017-14990
WordPress stores cleartext wp_signups.activation_key values (but
stores the analogous wp_users.user_activation_key values as hashes),
which might make it easier for remote attackers to hijack
unactivated user accounts by leveraging database read access
(such as access gained through an unspecified SQL injection
vulnerability).
For Debian 7 "Wheezy", these problems have been fixed in version
3.6.1+dfsg-1~deb7u17.
We recommend that you upgrade your wordpress packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | all | wordpress-l10n | < 3.6.1+dfsg-1~deb7u17 | wordpress-l10n_3.6.1+dfsg-1~deb7u17_all.deb |
| Debian | 7 | all | wordpress | < 3.6.1+dfsg-1~deb7u17 | wordpress_3.6.1+dfsg-1~deb7u17_all.deb |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.9%