SB2012042202 - Multiple vulnerabilities in WordPress
Published: April 22, 2012 Updated: November 1, 2020
Description
This security bulletin contains information about 5 security vulnerabilities.
1) Cross-site scripting (CVE-ID: CVE-2012-2399)
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability is caused by an input validation error in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products that bundle the Flash component, when processing the buttonText parameter. This is a different vulnerability than CVE-2012-3414. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the victim's browser in the security context of the vulnerable website. Note that any plugin or theme shipping its own copy of swfupload.swf is affected independently of the WordPress core version.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
2) Input validation error (CVE-ID: CVE-2012-2400)
The impact and attack vectors of this vulnerability have not been publicly specified; the vendor's fix (the referenced changeset 20499) updates the bundled wp-includes/js/swfobject.js.
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors.
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-2402)
The vulnerability allows a remote authenticated site administrator to manipulate or delete data.
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors. The issue affects multisite (network) installations, where a site administrator is not supposed to control plugins activated for the whole network; the vendor's fix is in the referenced changeset 20526.
4) Cross-site scripting (CVE-ID: CVE-2012-2403)
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via unspecified vectors. The vendor's fix (the referenced changeset 20493) modifies wp-includes/formatting.php and wp-includes/capabilities.php. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
5) Cross-site scripting (CVE-ID: CVE-2012-2404)
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via unspecified vectors. The vendor's fix (the referenced changeset 20486) modifies wp-comments-post.php, the comment submission handler. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
Remediation
Update to WordPress 3.3.2 or later (see the 3.3.2 release announcement in References), which addresses CVE-2012-2400, CVE-2012-2402, CVE-2012-2403 and CVE-2012-2404. The SWFUpload issue (CVE-2012-2399) is addressed in WordPress 3.5.2, so installations on 3.3.2 through 3.5.1 should update to 3.5.2 or later. Plugins, themes and other products that bundle their own copy of SWFUpload 2.2.0.1 or earlier (such as TinyMCE Image Manager 1.1 and earlier) must be updated separately; updating WordPress core does not replace those copies.
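The following is an added example (not part of the original bulletin or of WordPress itself) of the check a practitioner would run before and after remediation: parse the `$wp_version` string from a WordPress install's `wp-includes/version.php` and map it against the fixed-in versions stated in this bulletin. The fixed-in table is taken from the descriptions above; the sample `version.php` contents are constructed for the demonstration, and the pre-release handling (treating `3.3.2-RC1` as older than `3.3.2`) is this example's own conservative choice.

```python
import os
import re
from typing import Dict, List, Optional, Tuple

# Fixed-in versions per this bulletin: WordPress 3.3.2 fixed four of the
# issues; the SWFUpload XSS (CVE-2012-2399) was addressed in 3.5.2.
FIXED_IN: Dict[str, str] = {
    "CVE-2012-2399": "3.5.2",
    "CVE-2012-2400": "3.3.2",
    "CVE-2012-2402": "3.3.2",
    "CVE-2012-2403": "3.3.2",
    "CVE-2012-2404": "3.3.2",
}

# Matches the assignment WordPress uses in wp-includes/version.php,
# e.g.  $wp_version = '3.3.1';
VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;""")


def parse_wp_version(version_php: str) -> Optional[str]:
    """Extract the $wp_version string from version.php contents, or None."""
    match = VERSION_RE.search(version_php)
    return match.group(1) if match else None


def version_tuple(version: str) -> Tuple[int, ...]:
    """Turn '3.3.2' or '3.3.2-RC1' into a comparable tuple.

    Numeric components are padded to three places. A trailing '-suffix'
    (beta, RC, nightly) is treated as older than the final release by
    appending 0 instead of 1, so a pre-release is never reported as fixed.
    """
    core, _, suffix = version.partition("-")
    parts = [int(p) for p in core.split(".") if p.isdigit()]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts) + ((0 if suffix else 1),)


def affected_cves(version: str) -> List[str]:
    """Return the CVE IDs from this bulletin that still apply to `version`."""
    installed = version_tuple(version)
    return sorted(cve for cve, fixed in FIXED_IN.items()
                  if installed < version_tuple(fixed))


def assess(version_php: str) -> Dict[str, object]:
    """Assess version.php contents; 'affected' is empty when nothing applies."""
    version = parse_wp_version(version_php)
    if version is None:
        return {"version": None, "affected": [],
                "error": "could not find $wp_version assignment"}
    return {"version": version, "affected": affected_cves(version)}


def assess_install(wp_root: str) -> Dict[str, object]:
    """Assess a WordPress install on disk by reading wp-includes/version.php."""
    path = os.path.join(wp_root, "wp-includes", "version.php")
    with open(path, encoding="utf-8", errors="replace") as fh:
        return assess(fh.read())


# Constructed sample of what wp-includes/version.php looks like on a
# vulnerable 3.3.1 install (only the relevant assignment is reproduced).
SAMPLE_VULNERABLE = """<?php
/**
 * The WordPress version string
 */
$wp_version = '3.3.1';
"""

# Constructed sample for a 3.3.2 install: only the SWFUpload issue remains.
SAMPLE_PARTIAL = "<?php\n$wp_version = \"3.3.2\";\n"


if __name__ == "__main__":
    for label, sample in (("3.3.1", SAMPLE_VULNERABLE), ("3.3.2", SAMPLE_PARTIAL)):
        result = assess(sample)
        print(f"WordPress {result['version']}: affected by "
              f"{', '.join(result['affected']) or 'none of the bulletin CVEs'}")
```

Point `assess_install()` at the document root of a live site to check it; if the function reports CVE-2012-2399 on an otherwise current install, look for copies of swfupload.swf under wp-content as well, since plugins may bundle the vulnerable Flash file independently of core.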
References
- http://core.trac.wordpress.org/browser/branches/3.3/wp-includes/js/swfupload/swfupload.swf?rev=20503
- http://jvn.jp/en/jp/JVN25280162/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-002110
- http://make.wordpress.org/core/2013/06/21/secure-swfupload/
- http://osvdb.org/81459
- http://packetstormsecurity.com/files/120746/SWFUpload-Content-Spoofing-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/122399/tinymce11-xss.txt
- http://seclists.org/fulldisclosure/2013/Mar/110
- http://secunia.com/advisories/49138
- http://wordpress.org/news/2012/04/wordpress-3-3-2/
- http://www.debian.org/security/2012/dsa-2470
- http://www.openwall.com/lists/oss-security/2013/07/18/13
- http://www.osvdb.org/91134
- http://www.securityfocus.com/bid/53192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75210
- http://core.trac.wordpress.org/changeset/20499/branches/3.3/wp-includes/js/swfobject.js
- http://osvdb.org/81460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75209
- http://core.trac.wordpress.org/changeset/20526/branches/3.3/wp-admin/plugins.php
- http://osvdb.org/81462
- http://secunia.com/advisories/48957
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75090
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75207
- http://core.trac.wordpress.org/changeset/20493/branches/3.3/wp-includes/capabilities.php
- http://core.trac.wordpress.org/changeset/20493/branches/3.3/wp-includes/formatting.php
- http://osvdb.org/81463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75206
- http://core.trac.wordpress.org/changeset/20486/branches/3.3/wp-comments-post.php
- http://osvdb.org/81464
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75092
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75202