Cross-site Request Forgery (CSRF) Affecting wordpress package, versions <5.1.1+dfsg1-1
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIANUNSTABLE-WORDPRESS-340535
- published 14 Mar 2019
- disclosed 14 Mar 2019
Introduced: 14 Mar 2019
CVE-2019-9787 Open this link in a new tabHow to fix?
Upgrade Debian:unstable wordpress to version 5.1.1+dfsg1-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream wordpress package and not the wordpress package as distributed by Debian.
See How to fix? for Debian:unstable relevant fixed versions and status.
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
References
- https://security-tracker.debian.org/tracker/CVE-2019-9787
- https://www.debian.org/security/2020/dsa-4677
- https://lists.debian.org/debian-lts-announce/2019/03/msg00044.html
- https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
- https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
- https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
- https://wordpress.org/support/wordpress-version/version-5-1-1/
- https://wpvulndb.com/vulnerabilities/9230
- http://www.securityfocus.com/bid/107411