Debian Security Bug TrackerDEBIANCVE:CVE-2021-29450CVE-2021-29450
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.007 Low
EPSS
Percentile
79.6%
Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases. It’s strongly recommended that you keep auto-updates enabled to receive the fix.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | wordpress | < 5.7.1+dfsg1-1 | wordpress_5.7.1+dfsg1-1_all.deb |
| Debian | 11 | all | wordpress | < 5.7.1+dfsg1-1 | wordpress_5.7.1+dfsg1-1_all.deb |
| Debian | 10 | all | wordpress | < 5.0.12+dfsg1-0+deb10u1 | wordpress_5.0.12+dfsg1-0+deb10u1_all.deb |
| Debian | 999 | all | wordpress | < 5.7.1+dfsg1-1 | wordpress_5.7.1+dfsg1-1_all.deb |
| Debian | 13 | all | wordpress | < 5.7.1+dfsg1-1 | wordpress_5.7.1+dfsg1-1_all.deb |
Related
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.007 Low
EPSS
Percentile
79.6%