WordPress < 4.2.4 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9031

Synopsis

The remote server is hosting an outdated installation of WordPress that is vulnerable to multiple attack vectors.

Description

Versions of WordPress prior to 4.2.4 are susceptible to the following vulnerabilities:

- A cross-site scripting vulnerability exists due to the 'default-widgets.php' script not validating input to widget titles before returning it to users. A remote attacker, using a crafted request, can exploit this to execute arbitrary script in the user's browser session. (CVE-2015-5732)
- A cross-site scripting vulnerability exists due to the 'nav-menu.js' script not validating input to accessibility helper titles before returning it to users. A remote attacker, using a crafted request, can exploit this to execute arbitrary script in the user's browser session. (CVE-2015-5733)
- A cross-site scripting vulnerability exists due to the 'theme.php' script not validating input before returning it to users. A remote attacker, using a crafted request, can exploit this to execute arbitrary script in the user's browser session. (CVE-2015-5734)
- An SQL injection vulnerability exists in the 'post.php' script due to a failure to sanitize user-supplied input to the 'comment_ID' parameter before using it in SQL queries. A remote attacker can exploit this to inject SQL queries against the back-end database, allowing the disclosure or manipulation of data. (CVE-2015-2213)
- An unspecified flaw affects 'class-wp-customize-widgets.php', allowing an attacker to perform a side-channel timing attack. No other details are available. (CVE-2015-5731)
- A flaw exists in the 'post.php' script. This may allow a remote attacker to lock a post, preventing anyone else, including authorized users, from editing it. (CVE-2015-5731)

Solution

Upgrade to WordPress 4.2.4 or later.

See Also

http://codex.wordpress.org/Version_4.2.4

https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release

Plugin Details

Severity: High

ID: 9031

Family: CGI

Published: 2015/12/17

Modified: 2018/07/11

Dependencies: 9035, 9036

Nessus ID: 85243

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Patch Publication Date: 2015/08/04

Vulnerability Publication Date: 2015/08/04

Reference Information

CVE: CVE-2015-2213, CVE-2015-5730, CVE-2015-5731, CVE-2015-5732, CVE-2015-5733, CVE-2015-5734

BID: 76160, 76331