WordPress version 5.3.4 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability

Summary

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page.

Credit:

The information has been provided by Andrea Fercia

The original article can be found at:https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/


Details

This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

 

Vulnerable Systems:

WordPress version 5.3.4

WordPress version 5.2.7

WordPress version 5.1.6

WordPress version 5.0.10

WordPress version 4.9.15

WordPress version 4.8.14

WordPress version 4.7.18

WordPress version 4.6.19

WordPress version 4.5.22

WordPress version 4.4.23

WordPress version 4.3.24

WordPress version 4.2.28

WordPress version 4.1.31

WordPress version 4.0.31

WordPress version 3.9.32

WordPress version 3.8.34

WordPress version 3.7.34

 

CVE Information:

CVE-2020-4049

 

Disclosure Timeline:
Published Date:6/12/2020

Categories: News