Bird_banner_small4
WordPress REST API Posts Controller Privilege Escalation
TSL ID TSL20170202-11
CVE ID(s) Not available.
Severity High
Description

A privilege escalation vulnerability exists in WordPress. The vulnerability is due to improper handling of post id's within the REST API posts controller.

A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to a vulnerable WordPress website. Successful exploitation of this vulnerability could lead to arbitrary modification of WordPress post content.

The vendor, WordPress, has released the following update to address these vulnerabilities:

https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/

Affected Products
  • WordPress Project WordPress prior to 4.7.2
CVSS Score Base 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is NONE
  • Impact of this vulnerability on data integrity is PARTIAL
  • Impact of this vulnerability on data availability is PARTIAL
Temporal 5.0 (E:POC/RL:OF/RC:C):
  • The exploitability level of this vulnerability is PROOF OF CONCEPT
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
References https://blogs.akamai.com/2017/02/wordpress-web-api-vulnerability.html
https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
https://packetstormsecurity.com/files/140902
https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
Related Threats