2294204 – (CVE-2024-6305, CVE-2024-6306, CVE-2024-6307) CVE-2024-6306 CVE-2024-6307 CVE-2024-6305 wordpress: multiple vulnerabilities

Bug 2294204 (CVE-2024-6305, CVE-2024-6306, CVE-2024-6307) - CVE-2024-6306 CVE-2024-6307 CVE-2024-6305 wordpress: multiple vulnerabilities

Summary: CVE-2024-6306 CVE-2024-6307 CVE-2024-6305 wordpress: multiple vulnerabilities

Keywords:
Status:	NEW
Alias:	CVE-2024-6305, CVE-2024-6306, CVE-2024-6307
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2294206 2294205
Blocks:
TreeView+	depends on / blocked

Reported:	2024-06-25 12:55 UTC by Patrick Del Bello
Modified:	2024-06-25 12:55 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Patrick Del Bello 2024-06-25 12:55:21 UTC

WordPress Core is vulnerable to Stored Cross-Site Scripting via the Template Part Block in various versions up to 6.5.5 due to insufficient input sanitization and output escaping on the 'tagName' attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

https://core.trac.wordpress.org/changeset/58471
https://wordpress.org/news/2024/06/wordpress-6-5-5/
https://www.wordfence.com/threat-intel/vulnerabilities/id/2a225ccb-a7dc-4437-bd97-b309d6ae6a47?source=cve

Comment 1 Patrick Del Bello 2024-06-25 12:55:37 UTC

Created wordpress tracking bugs for this issue:

Affects: epel-all [bug 2294206]
Affects: fedora-all [bug 2294205]

Note You need to log in before you can comment on or make changes to this bug.