CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-28033 – WordPress Core < 5.5.2 - Spam Embed on Multisite Installations
https://notcve.org/view.php?id=CVE-2020-28033
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. WordPress versiones anteriores a 5.5.2, maneja inapropiadamente las inserciones de sitios deshabilitados en una red multisitio, como es demostrado al permitir una inserción de spam • https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release https://www. • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.1EPSS: 4%CPEs: 6EXPL: 0CVE-2020-28034 – WordPress Core < 5.5.2 - Reflected Cross-Site Scripting via Global Variables
https://notcve.org/view.php?id=CVE-2020-28034
WordPress before 5.5.2 allows XSS associated with global variables. WordPress versiones anteriores a 5.5.2, permite un ataque de tipo XSS asociado con variables globales • https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release https://www. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-26596 – Elementor Pro <= 3.0.5 - Authenticated Remote Code Execution in Dynamic OOO Widget
https://notcve.org/view.php?id=CVE-2020-26596
The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing the Dynamic OOO widget or by restricting availability of the Editor role. El widget Dynamic OOO para el plugin Elementor Pro versiones hasta 3.0.5 para WordPress, permite a usuarios autenticados remotos ejecutar código arbitrario porque solo se necesita el rol Editor para cargar código PHP ejecutable por medio del fragmento PHP Raw. NOTA: este problema se puede mitigar eliminando el widget Dynamic OOO o restringiendo la disponibilidad del rol Editor • https://elementor.com/pro/changelog https://ww2.compunet.cl/dia-cero-en-plugin-de-wordpres-detectada-compunet-redteam • CWE-269: Improper Privilege Management •
CVSS: 3.5EPSS: 0%CPEs: 23EXPL: 0CVE-2020-4049 – Authenticated self-XSS via theme uploads in WordPress
https://notcve.org/view.php?id=CVE-2020-4049
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34). En las versiones afectadas de WordPress, cuando se cargan temas, el nombre de la carpeta temas puede ser diseñada en una manera que podría conllevar a una ejecución de JavaScript en /wp-admin en la página temas. Esto requiere un administrador para cargar el tema, y ?? • https://github.com/WordPress/wordpress-develop/commit/404f397b4012fd9d382e55bf7d206c1317f01148 https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-87h4-phjv-rm6p https://lists.debian.org/debian-lts-announce/2020/07/msg00000.html https://lists.debian.org/debian-lts-announce/2020/09/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/773N2ZV7QEMBGKH6FBKI6Q5S3YJMW357 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OD • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 5.4EPSS: 0%CPEs: 22EXPL: 0CVE-2020-4046 – Authenticated XSS through embed block in WordPress
https://notcve.org/view.php?id=CVE-2020-4046
In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34). En las versiones afectadas de WordPress, los usuarios con pocos privilegios (como colaboradores y autores) pueden usar el bloque incorporado de determinada manera para inyectar HTML no filtrado en el editor de bloques. Cuando las publicaciones afectadas son vistas por un usuario con mayores privilegios, esto podría conllevar a una ejecución de script en el archivo editor/wp-admin. • https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rpwf-hrh2-39jf https://lists.debian.org/debian-lts-announce/2020/07/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/773N2ZV7QEMBGKH6FBKI6Q5S3YJMW357 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ODNHXVJS25YVWYQHOCICXTLIN5UYJFDN https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release https://www.debian.org/security/2020/dsa • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •