CVE-2020-4050 — Authentication Bypass Using an Alternate Path or Channel in WordPress
Severity: 3.1 LOW (NVD)
EPSS: 2.4% (top 14.87%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: see Affected packages below
Timeline: Published Jun 12; latest update Jun 18
Description
In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, …
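The description above names the defect class but not the code shape behind it. The following is an added example, not WordPress core and not any real plugin's code: it places the plugin-side misuse (a `set-screen-option` callback that returns the submitted value for every option name) beside a hardened callback that only handles the option the plugin owns, and runs both through a small stand-in for core's pre-fix save logic so it executes under the plain PHP CLI without WordPress. The filter name and callback argument order (`$status, $option, $value`) are WordPress's; the option name `example_items_per_page`, the function names, the simplified core model and the posted request are assumptions made for this example.

```php
<?php
// Added illustration for CVE-2020-4050; not WordPress core and not any real
// plugin's code. The filter name 'set-screen-option' and its callback
// signature ($status, $option, $value) are WordPress's; the option name,
// the function names and the simplified core model are assumptions.

// --- Vulnerable plugin pattern -------------------------------------------
// Returns the submitted value regardless of which option was posted. Because
// core stored any non-false filter result as user meta keyed by $option, this
// callback lets an option name the plugin never registered reach user meta.
function example_screen_option_unsafe( $status, $option, $value ) {
    return $value;
}

// --- Hardened plugin pattern ---------------------------------------------
// Acts only on the option this plugin owns, validates the value, and passes
// every other option through unchanged (false means "do not save").
function example_screen_option_safe( $status, $option, $value ) {
    if ( 'example_items_per_page' !== $option ) {
        return $status;
    }
    $value = (int) $value;
    if ( $value < 1 || $value > 100 ) {
        return $status;
    }
    return $value;
}

// --- Simplified model of the pre-fix core behaviour (assumption) ---------
// Stands in for core's screen-option save path so the example runs without
// WordPress: applies one callback with $status = false and records what
// would have been written as user meta under the posted option name.
function example_model_core_save( callable $filter, $option, $value, array &$user_meta ) {
    $result = $filter( false, $option, $value );
    if ( false !== $result ) {
        $user_meta[ $option ] = $result; // core: update_user_meta( $user_id, $option, $result )
    }
}

// In a real plugin only the hardened callback would be registered:
if ( function_exists( 'add_filter' ) ) {
    add_filter( 'set-screen-option', 'example_screen_option_safe', 10, 3 );
}

// Constructed request: a logged-in user posts an option name the plugin
// never registered, with an arbitrary value.
$posted_option = 'some_unrelated_meta_key';
$posted_value  = 1;

// Same request through each callback; compare what each would have saved.
$meta_unsafe = array();
example_model_core_save( 'example_screen_option_unsafe', $posted_option, $posted_value, $meta_unsafe );

$meta_safe = array();
example_model_core_save( 'example_screen_option_safe', $posted_option, $posted_value, $meta_safe );

// The plugin's own option still works through the hardened callback.
$meta_safe_own = array();
example_model_core_save( 'example_screen_option_safe', 'example_items_per_page', 25, $meta_safe_own );

echo "unsafe callback saved: ";
print_r( $meta_unsafe );
echo "safe callback saved (unregistered option): ";
print_r( $meta_safe );
echo "safe callback saved (own option): ";
print_r( $meta_safe_own );
```

Run it with `php example.php`: the unsafe run records the unregistered key, the hardened run records nothing for it and only stores the plugin's own option. When auditing a site, the thing to look for is the first shape, a `set-screen-option` callback that returns `$value` (or any non-false value) without first checking `$option`; the fix on the plugin side is the `$option` check and the validation shown, and on the core side it is updating to 5.4.2 or one of the patched minor releases listed above.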
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Exploitability: 1.6 | Impact: 1.4
Affected packages: 4 packages
Also affects: Debian Linux 10.0, 8.0, 9.0; Fedora 31, 32
Patches
Vulnerability details (1)
OSV: CVE-2020-4050: In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved (2020-06-12)
Vendor advisories (1)
Debian: CVE-2020-4050: wordpress - In affected versions of WordPress, misuse of the `set-screen-option` filter's re... (2020)
Community (3)
Bugzilla: CVE-2020-4050 wordpress: set-screen-option filter misuse by plugins leads to privilege escalation (2020-06-18)
Bugzilla: CVE-2020-4050 wordpress: set-screen-option filter misuse by plugins leads to privilege escalation [epel-all] (2020-06-18)
Bugzilla: CVE-2020-4050 wordpress: set-screen-option filter misuse by plugins leads to privilege escalation [fedora-all] (2020-06-18)