CVE-2017-17092
Published: 2017-12-02
Priority: P4 | 34 | medium | CVSS 3.0: 5.4
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Exploit
EPSS: 4.13% (89.6th percentile)
wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.
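The security-relevant point is a capability-gated allowlist: WordPress decides which upload extensions a user may use by starting from its MIME table and removing the browser-executable types for users who lack unfiltered_html. Before 4.9.1 that removal covered htm|html but not js, so any account with upload_files (the default Author role has it) could place a .js file under the site's origin. The script below is an added example, not WordPress code and not taken from this page; it models the shape of the fix in get_allowed_mime_types() (the fix commit linked in the references adds $t['js'] to the same unset() that already dropped 'htm|html'). The reduced MIME table and the function names allowed_mime_types_model() and upload_permitted() are this example's own.

```php
<?php
// Added example, not WordPress code: models the capability-gated MIME allowlist
// applied by wp-includes/functions.php get_allowed_mime_types(), before and
// after the 4.9.1 fix. The reduced MIME table and function names are assumptions.

function allowed_mime_types_model(array $caps, bool $patched): array
{
    // Reduced stand-in for wp_get_mime_types(); the real table is far larger.
    $t = [
        'jpg|jpeg|jpe' => 'image/jpeg',
        'png'          => 'image/png',
        'pdf'          => 'application/pdf',
        'htm|html'     => 'text/html',
        'js'           => 'application/javascript',
    ];

    // Both versions strip HTML for users without unfiltered_html. The fix
    // extends the same gate to .js, which a browser will also execute and
    // which is served from the site's own origin once uploaded.
    if (!in_array('unfiltered_html', $caps, true)) {
        unset($t['htm|html']);
        if ($patched) {
            unset($t['js']);
        }
    }
    return $t;
}

// Mirrors the extension matching wp_check_filetype() performs against the
// allowlist keys: "jpg|jpeg|jpe" is a list of alternative extensions.
function upload_permitted(string $filename, array $caps, bool $patched): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if ($ext === '') {
        return false;
    }
    foreach (allowed_mime_types_model($caps, $patched) as $ext_pattern => $mime) {
        if (preg_match('!^(' . $ext_pattern . ')$!i', $ext)) {
            return true;
        }
    }
    return false;
}

// Constructed capability sets: an Author (can upload, no unfiltered_html)
// and a single-site Administrator (has unfiltered_html).
$author = ['upload_files'];
$admin  = ['upload_files', 'unfiltered_html'];

foreach (['payload.js', 'page.html', 'photo.jpg'] as $f) {
    printf(
        "%-12s author/unpatched: %-4s author/patched: %-4s admin/patched: %s\n",
        $f,
        upload_permitted($f, $author, false) ? 'yes' : 'no',
        upload_permitted($f, $author, true) ? 'yes' : 'no',
        upload_permitted($f, $admin, true) ? 'yes' : 'no'
    );
}
```

Run with `php model.php`: with the unpatched branch the Author can upload payload.js but not page.html, which is the inconsistency the CVE describes; with the patched branch both are refused unless the account holds unfiltered_html. Two caveats when assessing a real site: on multisite, Administrators do not hold unfiltered_html by default (only super admins do), and defining DISALLOW_UNFILTERED_HTML removes the capability for everyone, so on such installs even .js uploads by admins are refused after 4.9.1. The `upload_mimes` filter can re-add 'js' to the table and would reopen this path regardless of core version, so check plugins and mu-plugins for it when verifying a fix.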
Affected: 9 ranges (identical rows merged)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | wordpress | < 4.9.1+dfsg-1 (bookworm) | 4.9.1+dfsg-1 |
| wordpress | wordpress | < 4.9.1 | 4.9.1 |
| wordpress | wordpress (Debian package) | >= 0, < 4.9.1+dfsg-1 | 4.9.1+dfsg-1 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 5.4 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| nvd | 2.0 | 3.5 | LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
| osv | — | 5.4 | MEDIUM | — |
| vendor_debian | — | 5.4 | MEDIUM | — |
GHSA
GHSA-256m-wxxh-gf6h (ghsa_unreviewed, 2022-05-14): CVE-2017-17092 [MEDIUM], CWE-79 (cross-site scripting); same description as above.
OSV
CVE-2017-17092 (osv, 2017-12-02, CVSS 5.4 MEDIUM); same description as above.
Debian
CVE-2017-17092: wordpress (vendor_debian, 2017, CVSS 5.4 MEDIUM); same description as above.
Scope: local
bookworm: resolved (fixed in 4.9.1+dfsg-1)
bullseye: resolved (fixed in 4.9.1+dfsg-1)
forky: resolved (fixed in 4.9.1+dfsg-1)
sid: resolved (fixed in 4.9.1+dfsg-1)
trixie: resolved (fixed in 4.9.1+dfsg-1)
No detection rules found.
Nuclei
WordPress < 4.9.1 - Authenticated JavaScript File Upload (CVE-2017-17092, MEDIUM, CVSS 5.4)
WordPress before 4.9.1 contains a cross-site scripting vulnerability caused by not requiring the unfiltered_html capability for uploading .js files in wp-includes/functions.php. An authenticated account with upload permissions (the upload_files capability, which the default Author role has, without unfiltered_html) can upload a crafted .js file that is then served from the site's own origin and executed when loaded in a victim's browser. The template therefore needs valid credentials for such an account.
Template:
id: CVE-2017-17092
info:
name: WordPress < 4.9.1 - Authenticated JavaScript File Upload
author: 0x_Akoko
severity: medium
description: |
WordPress before 4.9.1 contains a cross-site scripting caused by not requiring unfiltered_html capability for uploading .js files in functions.php, letting remote attackers execute scripts via crafted files, exploit requires upload permissions.
impact: |
Remote attackers can execute arbitrary JavaScript in the context of the site, leading to pot
No writeups or analysis indexed.
References
http://www.securityfocus.com/bid/102024
https://codex.wordpress.org/Version_4.9.1
https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
https://wpvulndb.com/vulnerabilities/8966
https://www.debian.org/security/2018/dsa-4090