Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 720220 (CVE-2020-11025, CVE-2020-11026, CVE-2020-11027, CVE-2020-11028, CVE-2020-11029, CVE-2020-11030)

Summary: <www-apps/wordpress-5.4.1: Multiple vulnerabilities (CVE-2020-{11025,11026,11027,11028,11029,11030})
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
Whiteboard: ~2 [noglsa cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2020-05-01 02:51:17 UTC 
CVE-2020-11030 (https://nvd.nist.gov/vuln/detail/CVE-2020-11030):
  In affected versions of WordPress, a special payload can be crafted that can
  lead to scripts getting executed within the search block of the block
  editor. This requires an authenticated user with the ability to add content.
  This has been patched in version 5.4.1, along with all the previously
  affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14,
  4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30,
  3.9.31, 3.8.33, 3.7.33).

CVE-2020-11029 (https://nvd.nist.gov/vuln/detail/CVE-2020-11029):
  In affected versions of WordPress, a vulnerability in the stats() method of
  class-wp-object-cache.php can be exploited to execute cross-site scripting
  (XSS) attacks. This has been patched in version 5.4.1, along with all the
  previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5,
  5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27,
  4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVE-2020-11028 (https://nvd.nist.gov/vuln/detail/CVE-2020-11028):
  In affected versions of WordPress, some private posts, which were previously
  public, can result in unauthenticated disclosure under a specific set of
  conditions. This has been patched in version 5.4.1, along with all the
  previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5,
  5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27,
  4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVE-2020-11027 (https://nvd.nist.gov/vuln/detail/CVE-2020-11027):
  In affected versions of WordPress, a password reset link emailed to a user
  does not expire upon changing the user password. Access would be needed to
  the email account of the user by a malicious party for successful execution.
  This has been patched in version 5.4.1, along with all the previously
  affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14,
  4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30,
  3.9.31, 3.8.33, 3.7.33).

CVE-2020-11026 (https://nvd.nist.gov/vuln/detail/CVE-2020-11026):
  In affected versions of WordPress, files with a specially crafted name when
  uploaded to the Media section can lead to script execution upon accessing
  the file. This requires an authenticated user with privileges to upload
  files. This has been patched in version 5.4.1, along with all the previously
  affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14,
  4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30,
  3.9.31, 3.8.33, 3.7.33).

CVE-2020-11025 (https://nvd.nist.gov/vuln/detail/CVE-2020-11025):
  In affected versions of WordPress, a cross-site scripting (XSS)
  vulnerability in the navigation section of Customizer allows JavaScript code
  to be executed. Exploitation requires an authenticated user. This has been
  patched in version 5.4.1, along with all the previously affected versions
  via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17,
  4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33,
  3.7.33).
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-01 02:52:23 UTC 
@maintainer(s), please cleanup
Comment 2 Larry the Git Cow gentoo-dev 2020-05-01 03:19:26 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f24a81cb520d980ba42f0a637585caeb72312eb

commit 6f24a81cb520d980ba42f0a637585caeb72312eb
Author:     Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2020-05-01 03:19:00 +0000
Commit:     Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2020-05-01 03:19:00 +0000

    www-apps/wordpress: removed vulnerable 5.4
    
    Bug: https://bugs.gentoo.org/720220
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

 www-apps/wordpress/Manifest             |  1 -
 www-apps/wordpress/wordpress-5.4.ebuild | 57 ---------------------------------
 2 files changed, 58 deletions(-)
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-05-01 03:26:04 UTC 
Thanks!