Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-20043

In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.

Published

2019-12-27T08:15:09.807

Last Modified

2024-11-21T04:37:56.830

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-269

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wordpress	wordpress	< 5.3.1	Yes
Operating System	debian	debian_linux	9.0	Yes
Operating System	debian	debian_linux	10.0	Yes

References

https://core.trac.wordpress.org/changeset/46893/trunk Patch ([email protected])
https://github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9 Third Party Advisory ([email protected])
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw Third Party Advisory ([email protected])
https://seclists.org/bugtraq/2020/Jan/8 Mailing List, Third Party Advisory ([email protected])
https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/ Release Notes, Vendor Advisory ([email protected])
https://wpvulndb.com/vulnerabilities/9973 Release Notes, Third Party Advisory ([email protected])
https://www.debian.org/security/2020/dsa-4599 Third Party Advisory ([email protected])
https://www.debian.org/security/2020/dsa-4677 Third Party Advisory ([email protected])
https://core.trac.wordpress.org/changeset/46893/trunk Patch (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://seclists.org/bugtraq/2020/Jan/8 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/ Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://wpvulndb.com/vulnerabilities/9973 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2020/dsa-4599 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2020/dsa-4677 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)