Versions of WordPress prior to 4.2.4 are susceptible to the following vulnerabilities:
- A cross-site scripting vulnerability exists due to the ‘default-widgets.php’ script not validating input to widget titles before returning it to users. A remote attacker, using a crafted request, can exploit this to execute arbitrary script in the user’s browser session. (CVE-2015-5732)
- A cross-site scripting vulnerability exists due to the ‘nav-menu.js’ script not validating input to accessibility helper titles before returning it to users. A remote attacker, using a crafted request, can exploit this to execute arbitrary script in the user’s browser session. (CVE-2015-5733)
- A cross-site scripting vulnerability exists due to the ‘theme.php’ script not validating input before returning it to users. A remote attacker, using a crafted request, can exploit this to execute arbitrary script in the user’s browser session. (CVE-2015-5734)
- An SQL injection vulnerability exists in the ‘post.php’ script due to a failure to sanitize user-supplied input to the ‘comment_ID’ parameter before using it in SQL queries. A remote attacker can exploit this to inject SQL queries against the back-end database, allowing the disclosure or manipulation of data. (CVE-2015-2213)
- An unspecified flaw affects ‘class-wp-customize-widgets.php’ and allows an attacker to perform a side-channel timing attack. No other details are available. (CVE-2015-5731)
- A flaw exists in the ‘post.php’ script. This may allow a remote attacker to lock a post, preventing anyone else, including authorized users, from editing it. (CVE-2015-5731)
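To check an installation against the "prior to 4.2.4" threshold above, the following added example (not part of the original advisory) reads the version string that WordPress core assigns to `$wp_version` in `wp-includes/version.php` and compares it with 4.2.4. The function names and the sample file content are constructed for illustration, and treating a 4.2.4 pre-release as affected is an assumption.

```python
import re

FIXED = (4, 2, 4)  # first unaffected release according to the advisory text

# WordPress core sets its version in wp-includes/version.php as:
#   $wp_version = '4.2.3';
_VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]""")

# Constructed sample of the relevant part of version.php (not from a real site).
SAMPLE_VERSION_PHP = "<?php\n/** constructed sample */\n$wp_version = '4.2.3';\n"


def extract_wp_version(version_php_text):
    """Return the string assigned to $wp_version, or None if it is absent."""
    m = _VERSION_RE.search(version_php_text)
    return m.group(1) if m else None


def parse_version(version):
    """Turn '4.2', '4.2.3' or '4.3-beta2' into ((major, minor, patch), is_prerelease)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?(.*)$", version.strip())
    if not m:
        raise ValueError("unrecognised WordPress version: %r" % version)
    nums = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return nums, bool(m.group(4))


def is_affected(version):
    """True when the version is earlier than 4.2.4.

    Assumption: a pre-release of 4.2.4 itself (such as '4.2.4-RC1') sorts
    before the final release and is therefore reported as affected.
    """
    nums, prerelease = parse_version(version)
    if nums < FIXED:
        return True
    return nums == FIXED and prerelease


if __name__ == "__main__":
    found = extract_wp_version(SAMPLE_VERSION_PHP)
    print(found, "affected" if is_affected(found) else "not affected")
```

Numeric tuple comparison is used because a plain string comparison would rank a version such as 3.9.10 incorrectly against 3.9.9.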