WordPress before 5.2.3 allows XSS in post previews by authenticated users.

Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks, create files on the server, disclose private information, create open redirects, poison cache, and bypass authorization access and input sanitation.

Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks, create open redirects, poison cache, and bypass authorization access and input sanitation.

Several cross-site scripting (XSS) vulnerabilities were discovered in Wordpress, a popular content management framework. An attacker can use these flaws to send malicious scripts to an unsuspecting user.

For Debian 8 'Jessie', these problems have been fixed in version 4.1.27+dfsg-0+deb8u1.

We recommend that you upgrade your wordpress packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :

 - A cross-site scripting (XSS) vulnerability in post previews by contributors.

 - A cross-site scripting (XSS) vulnerability in stored comments.

 - An unspecified issue with validation and sanitization of a URL which could lead to an open redirect.

 - A reflected cross-site scripting (XSS) vulnerability in media uploads functionality.

 - A cross-site scripting (XSS) vulnerability in shortcode previews.

 - A reflected cross-site scripting (XSS) vulnerability in the dashboard.

 - An issue with URL sanitization that can lead to cross-site scripting (XSS) attacks.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported version number, the WordPress application running on the remote web server is affected by multiple vulnerabilities:
  - An open redirect vulnerability exists in WordPress due to improper sanitization of user-supplied input to HTTP   request parameters. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially   crafted link, to redirect a user to a malicious website. (CVE-2019-16220)

  - Multiple cross-site scripting (XSS) vulnerabilities exist in WordPress due to improper validation of user-supplied   input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to   click a specially crafted URL, to execute arbitrary script code in a user's browser session.   (CVE-2019-16217, CVE-2019-16218, CVE-2019-16219, CVE-2019-16221, CVE-2019-16222, CVE-2019-16223)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
136373	Debian DSA-4677-1 : wordpress - security update	Nessus	Debian Local Security Checks	critical
132736	Debian DSA-4599-1 : wordpress - security update	Nessus	Debian Local Security Checks	critical
130029	Debian DLA-1960-1 : wordpress security update	Nessus	Debian Local Security Checks	medium
98700	WordPress 5.2.x < 5.2.3 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98699	WordPress 5.1.x < 5.1.2 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98698	WordPress 5.0.x < 5.0.6 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98697	WordPress 4.9.x < 4.9.11 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98696	WordPress 4.8.x < 4.8.10 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98695	WordPress 4.7.x < 4.7.14 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98694	WordPress 4.6.x < 4.6.15 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98693	WordPress 4.5.x < 4.5.18 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98692	WordPress 4.4.x < 4.4.19 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98691	WordPress 4.3.x < 4.3.20 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98690	WordPress 4.2.x < 4.2.24 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98689	WordPress 4.1.x < 4.1.27 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98688	WordPress 4.0.x < 4.0.27 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98687	WordPress 3.9.x < 3.9.28 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98686	WordPress 3.8.x < 3.8.30 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
98685	WordPress 3.7.x < 3.7.30 Multiple Vulnerabilities	Web App Scanning	Component Vulnerability	medium
128554	WordPress <= 3.6.1 / 3.7.x < 3.7.30 / 3.8.x < 3.8.30 / 3.9.x < 3.9.28 / 4.0.x < 4.0.27 / 4.1.x < 4.1.27 / 4.2.x < 4.2.24 / 4.3.x < 4.3.20 / 4.4.x < 4.4.19 / 4.5.x < 4.5.18 / 4.6.x < 4.6.15 / 4.7.x < 4.7.14 / 4.8.x < 4.8.10 / 4.9.x < 4.9.11 / 5.0.x < 5.0.6 / 5.1.x < 5.1.2 / 5.2.x < 5.2.3 Multiple Vulnerabilities	Nessus	CGI abuses	medium

Detections

Analytics

CVE-2019-16223

medium

Tenable Plugins

critical

critical

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium