CVE-2021-39202 - OpenCVE

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

Configuration 1 [-]

OR	cpe:2.3:a:wordpress:wordpress:5.8:beta1::::::
	cpe:2.3:a:wordpress:wordpress:5.8:beta2::::::

No data.

References

Link	Providers
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-fr6h-3855-j297
https://hackerone.com/reports/1222797

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-09-09T21:55:11

Updated: 2024-08-04T01:58:18.268Z

Reserved: 2021-08-16T00:00:00

Link: CVE-2021-39202

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-09-09T22:15:09.590

Modified: 2021-09-24T13:53:00.603

Link: CVE-2021-39202

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "wordpress-develop", "vendor": "WordPress", "versions": [{"status": "affected", "version": "5.8 beta 1"}, {"status": "affected", "version": "5.8 beta 2"}]}], "descriptions": [{"lang": "en", "value": "WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-09T21:55:11", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-fr6h-3855-j297"}, {"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1222797"}], "source": {"advisory": "GHSA-fr6h-3855-j297", "discovery": "UNKNOWN"}, "title": "WordPress 5.8 beta: Stored Cross-Site Scripting (XSS) vulnerability in widget", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-39202", "STATE": "PUBLIC", "TITLE": "WordPress 5.8 beta: Stored Cross-Site Scripting (XSS) vulnerability in widget"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "wordpress-develop", "version": {"version_data": [{"version_value": "5.8 beta 1"}, {"version_value": "5.8 beta 2"}]}}]}, "vendor_name": "WordPress"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-fr6h-3855-j297", "refsource": "CONFIRM", "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-fr6h-3855-j297"}, {"name": "https://hackerone.com/reports/1222797", "refsource": "MISC", "url": "https://hackerone.com/reports/1222797"}]}, "source": {"advisory": "GHSA-fr6h-3855-j297", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:58:18.268Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-fr6h-3855-j297"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1222797"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-39202", "datePublished": "2021-09-09T21:55:11", "dateReserved": "2021-08-16T00:00:00", "dateUpdated": "2024-08-04T01:58:18.268Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:5.8:beta1:*:*:*:*:*:*", "matchCriteriaId": "22BC078C-EFD8-4F7F-A3AB-146191A932A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:wordpress:wordpress:5.8:beta2:*:*:*:*:*:*", "matchCriteriaId": "AC9927CE-75C7-44B2-8D29-1753E32ED2DB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8."}, {"lang": "es", "value": "WordPress es un sistema de administraci\u00f3n de contenidos gratuito y de c\u00f3digo abierto escrito en PHP y emparejado con una base de datos MySQL o MariaDB. En versiones afectadas, el editor de widgets introducido en la versi\u00f3n 5.8 beta 1 de WordPress, presenta un manejo inapropiado de la entrada HTML en la funcionalidad Custom HTML. Esto conlleva a una vulnerabilidad de tipo XSS almacenado en el widget de HTML personalizado. Esto ha sido parcheado en WordPress versi\u00f3n 5.8. S\u00f3lo estuvo presente durante la fase de pruebas/beta de WordPress versi\u00f3n 5.8"}], "id": "CVE-2021-39202", "lastModified": "2021-09-24T13:53:00.603", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-09-09T22:15:09.590", "references": [{"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-fr6h-3855-j297"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://hackerone.com/reports/1222797"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}