PRIOn knowledge basePRION:CVE-2019-20043Design/Logic Flaw
In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 9.0 | |
| debian_linux | eq | 10.0 | |
| wordpress | ge | 3.7 | |
| wordpress | lt | 5.3.1 |
References
core.trac.wordpress.org/changeset/46893/trunk
github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9
github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw
seclists.org/bugtraq/2020/Jan/8
wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
wpvulndb.com/vulnerabilities/9973
www.debian.org/security/2020/dsa-4599
www.debian.org/security/2020/dsa-4677
Related
