CVE-2020-4050 Information

Feb 14, 2021 cve

Description

In affected versions of WordPress misuse of the set-screen-option filter’s return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed it can be leveraged by low privileged users. This has been patched in version 5.4.2 along with all the previously affected versions via a minor release (5.3.4 5.2.7 5.1.6 5.0.10 4.9.15 4.8.14 4.7.18 4.6.19 4.5.22 4.4.23 4.3.24 4.2.28 4.1.31 4.0.31 3.9.32 3.8.34 3.7.34).

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Reference

https://github.com/WordPress/wordpress-develop/commit/b8dea76b495f0072523106c6ec46b9ea0d2a0920 https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4vpv-fgg2-gcqc https://lists.debian.org/debian-lts-announce/2020/07/msg00000.html https://lists.debian.org/debian-lts-announce/2020/09/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/773N2ZV7QEMBGKH6FBKI6Q5S3YJMW357/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODNHXVJS25YVWYQHOCICXTLIN5UYJFDN/ https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/ https://www.debian.org/security/2020/dsa-4709

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

3.1

Share on: