vulnerability

Debian: CVE-2018-12895: wordpress -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:P/I:P/A:P)	2018-06-26	2018-07-19	2024-11-27

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

2018-06-26

Added

2018-07-19

Modified

2024-11-27

Description

WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.

Solution

debian-upgrade-wordpress

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today