CVE-2020-11030 - OpenCVE

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

No data.

References

Link	Providers
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh
https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
https://www.debian.org/security/2020/dsa-4677

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2020-04-30T22:15:14

Updated: 2024-08-04T11:21:14.171Z

Reserved: 2020-03-30T00:00:00

Link: CVE-2020-11030

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-04-30T23:15:11.823

Modified: 2020-08-18T15:05:57.750

Link: CVE-2020-11030

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "WordPress", "vendor": "WordPress", "versions": [{"status": "affected", "version": ">= 5.4.0, < 5.4.1"}, {"status": "affected", "version": ">= 5.3.0, < 5.3.3"}, {"status": "affected", "version": ">= 5.2.0, < 5.2.6"}, {"status": "affected", "version": ">= 5.1.0, < 5.1.5"}, {"status": "affected", "version": ">= 5.0.0, < 5.0.9"}, {"status": "affected", "version": ">= 4.9.0, < 4.9.14"}, {"status": "affected", "version": ">= 4.8.0, < 4.8.13"}, {"status": "affected", "version": ">= 4.7.0, < 4.7.17"}, {"status": "affected", "version": ">= 4.6.0, < 4.6.18"}, {"status": "affected", "version": ">= 4.5.0, < 4.5.21"}, {"status": "affected", "version": ">= 4.4.0, < 4.4.22"}, {"status": "affected", "version": ">= 4.3.0, < 4.3.23"}, {"status": "affected", "version": ">= 4.2.0, < 4.2.27"}, {"status": "affected", "version": ">= 4.1.0, < 4.1.30"}, {"status": "affected", "version": ">= 4.0.0, < 4.0.30"}, {"status": "affected", "version": ">= 3.9.0, < 3.9.31"}, {"status": "affected", "version": ">= 3.8.0, < 3.8.33"}, {"status": "affected", "version": ">= 3.7.0, < 3.7.33"}]}], "descriptions": [{"lang": "en", "value": "In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-707", "description": "CWE-707: Improper Neutralization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-05-06T12:06:11", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"}, {"name": "DSA-4677", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2020/dsa-4677"}], "source": {"advisory": "GHSA-vccm-6gmc-qhjh", "discovery": "UNKNOWN"}, "title": "Cross-site scripting (XSS) in Search block in WordPress", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-11030", "STATE": "PUBLIC", "TITLE": "Cross-site scripting (XSS) in Search block in WordPress"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WordPress", "version": {"version_data": [{"version_value": ">= 5.4.0, < 5.4.1"}, {"version_value": ">= 5.3.0, < 5.3.3"}, {"version_value": ">= 5.2.0, < 5.2.6"}, {"version_value": ">= 5.1.0, < 5.1.5"}, {"version_value": ">= 5.0.0, < 5.0.9"}, {"version_value": ">= 4.9.0, < 4.9.14"}, {"version_value": ">= 4.8.0, < 4.8.13"}, {"version_value": ">= 4.7.0, < 4.7.17"}, {"version_value": ">= 4.6.0, < 4.6.18"}, {"version_value": ">= 4.5.0, < 4.5.21"}, {"version_value": ">= 4.4.0, < 4.4.22"}, {"version_value": ">= 4.3.0, < 4.3.23"}, {"version_value": ">= 4.2.0, < 4.2.27"}, {"version_value": ">= 4.1.0, < 4.1.30"}, {"version_value": ">= 4.0.0, < 4.0.30"}, {"version_value": ">= 3.9.0, < 3.9.31"}, {"version_value": ">= 3.8.0, < 3.8.33"}, {"version_value": ">= 3.7.0, < 3.7.33"}]}}]}, "vendor_name": "WordPress"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-707: Improper Neutralization"}]}]}, "references": {"reference_data": [{"name": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates", "refsource": "MISC", "url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"}, {"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh", "refsource": "CONFIRM", "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"}, {"name": "DSA-4677", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4677"}]}, "source": {"advisory": "GHSA-vccm-6gmc-qhjh", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:21:14.171Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"}, {"name": "DSA-4677", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2020/dsa-4677"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-11030", "datePublished": "2020-04-30T22:15:14", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2024-08-04T11:21:14.171Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E79CBDF-EE25-487C-8276-74F4928ECDFF", "versionEndExcluding": "5.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."}, {"lang": "es", "value": "En las versiones afectadas de WordPress, puede ser dise\u00f1ada una carga \u00fatil especial que puede conllevar a que los scripts sean ejecutados dentro del bloque de b\u00fasqueda del editor de bloques. Esto requiere un usuario autenticado con la capacidad de agregar contenido. Esto ha sido corregido en la versi\u00f3n 5.4.1, junto con todas las versiones afectadas anteriormente por medio de una versi\u00f3n menor (versiones 5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33)."}], "id": "CVE-2020-11030", "lastModified": "2020-08-18T15:05:57.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2020-04-30T23:15:11.823", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4677"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-707"}], "source": "security-advisories@github.com", "type": "Secondary"}]}