5

CVE-2019-20043

WordPress Core < 5.3.1 - Authorization Bypass

In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
Mögliche Gegenmaßnahme
WordPress: Update to one of the following versions, or a newer patched version: 3.7.32, 3.8.32, 3.9.30, 4.0.29, 4.1.29, 4.2.26, 4.3.22, 4.4.21, 4.5.20, 4.6.17, 4.7.16, 4.8.12, 4.9.13, 5.0.8, 5.1.4, 5.2.5, 5.3.1
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WordpressWordpress Version >= 3.7 < 5.3.1
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
Weitere Schwachstelleninformationen
SystemWordPress Core
Produkt WordPress
Version [*, 3.7)
Version 3.7-3.7.31
Version 3.8-3.8.31
Version 3.9-3.9.29
Version 4.0-4.0.28
Version 4.1-4.1.28
Version 4.2-4.2.25
Version 4.3-4.3.21
Version 4.4-4.4.20
Version 4.5-4.5.19
Version 4.6-4.6.16
Version 4.7-4.7.15
Version 4.8-4.8.11
Version 4.9-4.9.12
Version 5.0-5.0.7
Version 5.1-5.1.3
Version 5.2-5.2.4
Version 5.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.48% 0.825
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://www.debian.org/security/2020/dsa-4677
Third Party Advisory
https://seclists.org/bugtraq/2020/Jan/8
Third Party Advisory
Mailing List
https://www.debian.org/security/2020/dsa-4599
Third Party Advisory
https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
Vendor Advisory
Release Notes
https://core.trac.wordpress.org/changeset/46893/trunk
Patch
https://github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9
Third Party Advisory
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw
Third Party Advisory
https://wpvulndb.com/vulnerabilities/9973
Third Party Advisory
Release Notes
https://www.wordfence.com/threat-intel/vulnerabilities/id/5ceba1b2-2d39-4561-838b-b46e758517a3
Third Party Advisory