CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
84.3%
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :
A DOM-based cross-site scripting (XSS) vulnerability exists in the uploadSizeError() function within file wp-includes/js/plupload/handlers.js when handling overly large file uploads due to improper validation of user-supplied input to file names before returning it in error messages. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session. (CVE-2017-9061)
A flaw exists in the set_custom_fields() function within file wp-includes/class-wp-xmlrpc-server.php when accessing post meta data due to improper validation of user-supplied input. An authenticated, remote attacker can exploit this to gain unauthorized access to meta data. (CVE-2017-9062)
A stored cross-site scripting (XSS) vulnerability exists within file wp-admin/customize.php script due to improper validation of user-supplied input to the blog name before returning it to users. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session. (CVE-2017-9063)
A cross-site request forgery (XSRF) vulnerability exists in the request_filesystem_credentials() function within file /wp-admin/includes/file.php due to a failure to require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. An unauthenticated, remote attacker can exploit this, by convincing a user to follow a specially crafted link, to disclose the user credentials. (CVE-2017-9064)
A flaw exists in the XML-RPC API, specifically within file wp-includes/class-wp-xmlrpc-server.php in the _insert_post() function, when handling post meta data due to a lack of capability checks. An unauthenticated, remote attacker can exploit this to manipulate posts without having the required capabilities. (CVE-2017-9065)
An flaw exists in the WP_Http::request() function within file wp-includes/class-http.php due to improper validation of user-supplied iput. An unauthenticated, remote attacker can exploit this to redirect the user to a URL of the attacker’s choosing. (CVE-2017-9066)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9066
codex.wordpress.org/Version_4.5.9
wordpress.org/news/2017/05/wordpress-4-7-5/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
84.3%