CVE-2019-9787

Published: 14 March 2019

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
wordpress
Launchpad, Ubuntu, Debian
Upstream
Released (5.1.1+dfsg1-1)
Ubuntu 20.10 (Groovy Gorilla) Not vulnerable
(5.1.1+dfsg1-1)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(5.1.1+dfsg1-1)
Ubuntu 18.04 LTS (Bionic Beaver) Needs triage

Ubuntu 16.04 LTS (Xenial Xerus) Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needs-triage)