You are here

U-206: WordPress Flaws Permit Cross-Site Scripting, Cross-Site Request Forgery, and Information Disclosure Attacks

July 6, 2012 - 7:00am

Addthis

PROBLEM:

WordPress Flaws Permit Cross-Site Scripting, Cross-Site Request Forgery, and Information Disclosure Attacks

PLATFORM:

Version(s): prior to 3.4.1

ABSTRACT:

Several vulnerabilities were reported in WordPress. A remote authenticated user can conduct cross-site scripting attacks. A remote user can conduct cross-site request forgery attacks. A remote authenticated user can obtain potentially sensitive information.

reference LINKS:

The Vendor's Advisory
WordPress 3.4.1 Maintenance and Security Release
SecurityTracker Alert ID: 1027219

IMPACT ASSESSMENT:

Medium

Discussion:

Several vulnerabilities were reported in WordPress. A remote authenticated user can conduct cross-site scripting attacks. A remote user can conduct cross-site request forgery attacks. A remote authenticated user can obtain potentially sensitive information. A remote authenticated user with administrator or editor privileges can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the WordPress software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. Version 3.4.0 is affected.
A remote user can conduct cross-site request forgery attacks against the customizer to take actions on the site acting as the target user.
A remote authenticated user with author or user privileges can view private or draft post contents.

Impact:

A remote authenticated user can access the target user's cookies (including authentication cookies), if any, associated with the site running the WordPress software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user

Solution:

The vendor has issued a fix. (3.4.1).
 

Addthis