Changelog
wordpress (4.7.5+dfsg-2+deb9u6) stretch-security; urgency=high
* Importing Wordpress 4.7.17/5.4.1 updates Closes: #959391
- CVE-2020-11025
XSS vulnerability in the navigation section of Customizer allows
JavaScript code to be executed.
- CVE-2020-11026
uploaded files to Media section to lead to script execution
- CVE-2020-11027
Password reset link does not expire
- CVE-2020-11028
Private posts can be found through searching by date
- CVE-2020-11029
XSS in stats() method in class-wp-object-cache
Not vulnerable:
- CVE-2020-11030 (feature introduced 5.0)
Special payload can execute scripts in block editor
* Importing Wordpress 4.7.16/5.3.1 updates Closes: #946905
- CVE-2019-20043
an unprivileged user could make a post sticky via the REST API.
- CVE-2019-20041
hardening wp_kses_bad_protocol() to ensure that it is aware
of the named colon attribute.
Not vulnerable:
- CVE-2019-20042 (function introduced 5.1.0)
cross-site scripting (XSS) could be stored in well-crafted links
- CVE-2019-16780 and CVE-2019-16781 (feature introduced 5.0)
stored XSS vulnerability using block editor content.
* Importing Wordpress 4.7.15/5.2.4 updates Closes: #942459
- CVE-2019-17674
Stored XSS in the Customizer
- CVE-2019-17671
Viewing unauthenticated posts
- CVE-2019-17672
Stored XSS to inject javascript into style tags
- CVE-2019-17673
Poisoning JSON GET requests
- CVE-2019-17669
SSRF in URL vaidation
- CVE-2019-17675
Referer validation in admin screens
* Importing Wordpress 4.7.14/5.2.3 updates Closes: #939543
- CVE-2019-16223
XSS in post previews
- CVE-2019-16218
XSS in stored comments
- CVE-2019-16220
Open redirect due to validation and sanitization
- CVE-2019-16217
XSS in media uploads
- CVE-2019-16219
XSS in shortcode previews
- CVE-2019-16221
XSS in dashboard
- CVE-2019-16222
XSS in URL sanitization
* Security patches from 5.1.1/4.7.13
* Fixes XSS security hole in comments CVE-2019-9787 Closes: #924546
-- Craig Small <email address hidden> Sat, 02 May 2020 15:23:57 +1000