Operating System:

[WIN][UNIX/Linux]

Published:

20 September 2017

Protect yourself against future threats.

//Service

Early Warning SMS

Receive SMS notifications for the most critical security threats and vulnerabilities.

Read more
Resources > Security Bulletins > ASB-2017.0151 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0151
             WordPress 4.8.2 Security and Maintenance Release
                             20 September 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Wordpress
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                      Cross-site Scripting            -- Remote with User Interaction
                      Access Confidential Data        -- Remote/Unauthenticated      
                      Provide Misleading Information  -- Remote with User Interaction
Resolution:           Patch/Upgrade
Member content until: Friday, October 20 2017

OVERVIEW

        Multiple vulnerabilities have been identified in WordPress prior to
        version 4.8.2. [1]


IMPACT

        The vendor has provided the following details regarding the 
        vulnerability:
        
        "$wpdb->prepare() can create unexpected and unsafe queries leading
        to potential SQL injection (SQLi). WordPress core is not directly 
        vulnerable to this issue, but we've added hardening to prevent 
        plugins and themes from accidentally causing a vulnerability. 
        Reported by Slavco
        
        A cross-site scripting (XSS) vulnerability was discovered in the 
        oEmbed discovery. Reported by xknown of the WordPress Security Team.
        
        A cross-site scripting (XSS) vulnerability was discovered in the 
        visual editor. Reported by Rodolfo Assis (@brutelogic) of Sucuri 
        Security.
        
        A path traversal vulnerability was discovered in the file unzipping
        code. Reported by Alex Chapman (noxrnet).
        
        A cross-site scripting (XSS) vulnerability was discovered in the 
        plugin editor. Reported by (Chen Ruiqi).
        
        An open redirect was discovered on the user and term edit screens. 
        Reported by Yasin Soliman (ysx).
        
        A path traversal vulnerability was discovered in the customizer. 
        Reported by Weston Ruter of the WordPress Security Team.
        
        A cross-site scripting (XSS) vulnerability was discovered in 
        template names. Reported by Luka (sikic).
        
        A cross-site scripting (XSS) vulnerability was discovered in the 
        link modal. Reported by Anas Roubi (qasuar). " [1]


MITIGATION

        The vendor strongly encourages users to update to the latest 
        version. [1]


REFERENCES

        [1] WordPress 4.8.2 Security and Maintenance Release
            https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWcHd0Ix+lLeg9Ub1AQgIdg/+M7IRrR8Q3JQI1XwXuAo3voidF4sd/0Rw
sft87Ml2WUgRX+4ARzMmnFg9XaWtwZU7//b13lCYUi1ANvFWvW1drBnJGE5g57a0
XyO1JzigyagHIZuFMwwomIAa/O79vOEX584LoZ7+OwwWxKC5TFwWw+Umtan86fvN
RakZ25T+DIrGVeAphDV7ycL6ZyCut5HOeazmzNAuxY4H7NUpPbYtI8+2KEMhbWvG
ov81xF+6zRwNIRtWYjo4tnT218e7dw9gVMeksZ1cwxwXidvOmQVUP9H0nBeD3aLd
s0gQ9opdbcZZe8v/IdVKMfo3FuchBXRLu59cm+ynn1u/JfAKPZ6+G1GhvF6hh5MC
IQAMPNpiAmxR171SBDNYyDojghkWPNb0EZmNmYaLaEUbXCeoCe67SCoPHBP3uDAZ
4a3aXS+xqIA8TUc+0u3cGgR5EzswNaty5tbWmU1r/ldZHlgO1DpFMNd1yhTm1yMw
IHIz631dPUf8CUYOn1iPGq2GndCVOHdYuaygdJkbSAT+7ICjuyvvA8KEoLejVIXg
71ScgRqyMnDaVlLDJi1D0uduFjH0Lvz29Xvv6gHTuiT0lRRGVGuMGHyiVOci7U7S
q5EaGRHLIbfVuxuRl95oIfpcIthSm8s6WOehyEvOTFAuBWn+8OpQdbL+IPbhCC1Q
A7nQWmw0FC8=
=1NiK
-----END PGP SIGNATURE-----