CVE-2019-20042 – WordPress Core < 5.3.1 - Authenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-20042
In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
• https://blog.ripstech.com/filter/vulnerabilities
• https://core.trac.wordpress.org/changeset/46894/trunk
• https://github.com/WordPress/wordpress-develop/commit/1f7f3f1f59567e2504f0fbebd51ccf004b3ccb1d
• https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xvg2-m2f4-83m7
• https://hackerone.com/reports/509930
• https://seclists.org/bugtraq/2020/Jan/8
• https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release
• https://wpvulndb.com/vulnerabilities/9975
• https://www.debian.org
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-20043 – WordPress Core < 5.3.1 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2019-20043
In wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
• https://core.trac.wordpress.org/changeset/46893/trunk
• https://github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9
• https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw
• https://seclists.org/bugtraq/2020/Jan/8
• https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release
• https://wpvulndb.com/vulnerabilities/9973
• https://www.debian.org/security/2020/dsa-4599
• https://www.debian.org/security/2020/dsa-4677
• CWE-269: Improper Privilege Management
• CWE-285: Improper Authorization
CVE-2018-19296
https://notcve.org/view.php?id=CVE-2018-19296
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
• https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.27
• https://github.com/PHPMailer/PHPMailer/releases/tag/v6.0.6
• https://lists.debian.org/debian-lts-announce/2018/12/msg00020.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3B5WDPGUFNPG4NAZ6G4BZX43BKLAVA5B
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPU66INRFY5BQ3ESVPRUXJR4DXQAFJVT
• https://www.debian.org/security/2018/dsa-4351
• CWE-502: Deserialization of Untrusted Data
• CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')