Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 720220 (CVE-2020-11025, CVE-2020-11026, CVE-2020-11027, CVE-2020-11028, CVE-2020-11029, CVE-2020-11030) - <www-apps/wordpress-5.4.1: Multiple vulnerabilities (CVE-2020-{11025,11026,11027,11028,11029,11030})
Summary: <www-apps/wordpress-5.4.1: Multiple vulnerabilities (CVE-2020-{11025,11026,11...
Status: RESOLVED FIXED
Alias: CVE-2020-11025, CVE-2020-11026, CVE-2020-11027, CVE-2020-11028, CVE-2020-11029, CVE-2020-11030
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://wordpress.org/support/wordpre...
Whiteboard: ~2 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-05-01 02:51 UTC by GLSAMaker/CVETool Bot
Modified: 2020-05-01 03:26 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2020-05-01 02:51:17 UTC
CVE-2020-11030 (https://nvd.nist.gov/vuln/detail/CVE-2020-11030):
  In affected versions of WordPress, a special payload can be crafted that can
  lead to scripts getting executed within the search block of the block
  editor. This requires an authenticated user with the ability to add content.
  This has been patched in version 5.4.1, along with all the previously
  affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14,
  4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30,
  3.9.31, 3.8.33, 3.7.33).

CVE-2020-11029 (https://nvd.nist.gov/vuln/detail/CVE-2020-11029):
  In affected versions of WordPress, a vulnerability in the stats() method of
  class-wp-object-cache.php can be exploited to execute cross-site scripting
  (XSS) attacks. This has been patched in version 5.4.1, along with all the
  previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5,
  5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27,
  4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVE-2020-11028 (https://nvd.nist.gov/vuln/detail/CVE-2020-11028):
  In affected versions of WordPress, some private posts, which were previously
  public, can result in unauthenticated disclosure under a specific set of
  conditions. This has been patched in version 5.4.1, along with all the
  previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5,
  5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27,
  4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVE-2020-11027 (https://nvd.nist.gov/vuln/detail/CVE-2020-11027):
  In affected versions of WordPress, a password reset link emailed to a user
  does not expire upon changing the user password. Access would be needed to
  the email account of the user by a malicious party for successful execution.
  This has been patched in version 5.4.1, along with all the previously
  affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14,
  4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30,
  3.9.31, 3.8.33, 3.7.33).

CVE-2020-11026 (https://nvd.nist.gov/vuln/detail/CVE-2020-11026):
  In affected versions of WordPress, files with a specially crafted name when
  uploaded to the Media section can lead to script execution upon accessing
  the file. This requires an authenticated user with privileges to upload
  files. This has been patched in version 5.4.1, along with all the previously
  affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14,
  4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30,
  3.9.31, 3.8.33, 3.7.33).

CVE-2020-11025 (https://nvd.nist.gov/vuln/detail/CVE-2020-11025):
  In affected versions of WordPress, a cross-site scripting (XSS)
  vulnerability in the navigation section of Customizer allows JavaScript code
  to be executed. Exploitation requires an authenticated user. This has been
  patched in version 5.4.1, along with all the previously affected versions
  via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17,
  4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33,
  3.7.33).
Comment 1 Sam James archtester gentoo-dev Security 2020-05-01 02:52:23 UTC
@maintainer(s), please cleanup
Comment 2 Larry the Git Cow gentoo-dev 2020-05-01 03:19:26 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f24a81cb520d980ba42f0a637585caeb72312eb

commit 6f24a81cb520d980ba42f0a637585caeb72312eb
Author:     Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2020-05-01 03:19:00 +0000
Commit:     Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2020-05-01 03:19:00 +0000

    www-apps/wordpress: removed vulnerable 5.4
    
    Bug: https://bugs.gentoo.org/720220
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

 www-apps/wordpress/Manifest             |  1 -
 www-apps/wordpress/wordpress-5.4.ebuild | 57 ---------------------------------
 2 files changed, 58 deletions(-)
Comment 3 Sam James archtester gentoo-dev Security 2020-05-01 03:26:04 UTC
Thanks!