Wordpress Multiple Vulnerabilities Fixed by 4.2.3


Description   (#Several vulnerabilities have been identified in Wordpress:#- CVE-2015-5622: stored cross-site scripting vulnerability. An authenticated remote attacker could exploit it by inserting arbitrary JavaScript or HTML code on a WordPress page or post. To exploit this vulnerability, the attacker must have Contributor or Author level account##- CVE-2015-5623: security bypass vulnerability. An attacker with Subscriber permissions could exploit it in order to create a draft via "Quick Draft".##A proof of concept is available for the CVE-2015-5622 vulnerability.##The wordpress packages provided by Debian Squeeze 6, Wheezy 7 and Jessie 8 are vulnerable.##The wordpress packages provided by FreeBSD are vulnerable.)
     
Vulnerable Products   Vulnerable OS:
Fedora (Red Hat) - 21, 22FreeBSD (FreeBSD) - AllGNU/Linux (Debian) - 6, 7, 8Vulnerable Software:
WordPress (WordPress) - 1.5, 1.5.1.1, 2.0, 2.0.1, 2.0.3, ..., 4.1.1, 4.1.2, 4.2, 4.2.1, 4.2.2
     
Solution   Following to a regression, Debian has released a new update for the wordpress package which fixes this vulnerability for Debian Jessie 8.
     
CVE   CVE-2015-5623
CVE-2015-5622
     
References   - klikki : WordPress < 4.2.3 Stored XSS
https://klikki.fi/adv/wordpress3.html
- Wordpress : 4.2.3 Security and Maintenance Release
https://wordpress.org/news/2015/07/wordpress-4-2-3/
- Debian Security Tracker : wordpress
https://security-tracker.debian.org/tracker/CVE-2015-5622
https://security-tracker.debian.org/tracker/CVE-2015-5623
- VuXML : wordpress -- XSS vulnerability
http://www.vuxml.org/freebsd/c80b27a2-3165-11e5-8a1d-14dae9d210b8.html
- DSA 3328-1 : wordpress security update
http://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00224.html
- DSA 3328-2 : wordpress regression update
http://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00225.html
- DSA 3332-1 : wordpress security update
https://lists.debian.org/debian-security-announce/2015/msg00230.html
- FEDORA-2015-12235 : Fedora 22 Update: wordpress-4.2.4-1.fc22
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163732.html
- FEDORA-2015-12148 : Fedora 21 Update: wordpress-4.2.4-1.fc21
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163720.html
- DLA 294-1 : wordpress security update
https://lists.debian.org/debian-lts-announce/2015/08/msg00008.html
- DSA 3383-1: wordpress security update
https://lists.debian.org/debian-security-announce/2015/msg00283.html
- DSA 3332-2 : wordpress regression update
https://lists.debian.org/debian-security-announce/2015/msg00282.html
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - POST : suspicious 'meta' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data
5.0.0
XSS - Prevention - POST : javascript code found in data
5.0.0
XSS - Prevention - POST : suspicious tag with event found in data
5.0.0
XSS - Prevention - POST : suspicious 'embed' tag found in data
5.0.0
XSS - Prevention - POST : 'location' javascript object found in data
5.0.0
XSS - Prevention - POST : code allowing cookie access found in data
5.0.0
XSS - Prevention - POST : 'script' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'style' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'applet' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'div' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'meta' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'object' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data
5.0.0
     


 
 
 
 
 Risk level 
Moderate 

 Vulnerability First Public Report Date 
2015-07-24 

 Target Type 
Server 

 Possible exploit 
Remote