SB2016090705 - Directory traversal in upgrade package uploader in WordPress WordPress
Published: September 7, 2016
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Directory traversal in upgrade package uploader (CVE-ID: CVE-2016-7169)
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient sanitization of input data within the upgrade package uploader. A remote authenticated user can use directory traversal sequences to write files outside the webroot directory.
Successful exploitation of this vulnerability may lead to website compromise.
Remediation
Install update from vendor's website.
References
- https://codex.wordpress.org/Version_3.7.16
- https://codex.wordpress.org/Version_3.8.16
- https://codex.wordpress.org/Version_3.9.14
- https://codex.wordpress.org/Version_4.0.13
- https://codex.wordpress.org/Version_4.1.13
- https://codex.wordpress.org/Version_4.2.10
- https://codex.wordpress.org/Version_4.3.6
- https://codex.wordpress.org/Version_4.4.5
- https://codex.wordpress.org/Version_4.5.4
- https://codex.wordpress.org/Version_4.6.1