Vulnerability CVE-2018-20151


Published: 2018-12-14

Description:
In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default.

Type:

CWE-200

(Information Exposure)

Vendor: Debian
Product: Debian linux 
Version: 9.0; 8.0;
Vendor: Wordpress
Product: Wordpress 
Version:
5.0
4.9.8
4.9.7
4.9.6
4.9.5
4.9.4
4.9.3
4.9.2
4.9.1
4.9
4.8.8
4.8.7
4.8.6
4.8.5
4.8.4
4.8.3
4.8.2
4.8.1
4.8
4.7.9
4.7.8
4.7.7
4.7.6
4.7.5
4.7.4
4.7.3
4.7.2
4.7.12
4.7.11
4.7.10
4.7.1
4.7
4.6.9
4.6.8
4.6.7
4.6.6
4.6.5
4.6.4
4.6.3
4.6.2
4.6.13
4.6.12
4.6.11
4.6.10
4.6.1
4.6
4.5.9
4.5.8
4.5.7
4.5.6
4.5.5
4.5.4
4.5.3
4.5.2
4.5.16
4.5.15
4.5.14
4.5.13
4.5.12
4.5.11
4.5.10
4.5.1
4.5
4.4.9
4.4.8
4.4.7
4.4.6
4.4.5
4.4.4
4.4.3
4.4.2
4.4.17
4.4.16
4.4.15
4.4.14
4.4.13
4.4.12
4.4.11
4.4.10
4.4.1
4.4.0
4.4
4.3.9
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.18
4.3.17
4.3.16
4.3.15
4.3.14
4.3.13
4.3.12
4.3.11
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://www.securityfocus.com/bid/106220
https://codex.wordpress.org/Version_4.9.9
https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html
https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
https://wordpress.org/support/wordpress-version/version-5-0-1/
https://wpvulndb.com/vulnerabilities/9174
https://www.debian.org/security/2019/dsa-4401
https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/

Related CVE
CVE-2019-16223
WordPress before 5.2.3 allows XSS in post previews by authenticated users.
CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
CVE-2019-16221
WordPress before 5.2.3 allows reflected XSS in the dashboard.
CVE-2019-16220
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews.
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments.
CVE-2019-16217
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
CVE-2017-6514
WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.

Copyright 2019, cxsecurity.com

 

Back to Top