WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Vulnerabilities

WordPress < 5.5.2 - Unauthenticated DoS Attack to RCE

Description

The release notes state:

"Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE."

The attack consisted of creating a DoS condition on the MySQL database, which would make WordPress think that it has not been installed, presenting the installation wizard. The DoS attack would then need to be stopped. According the original researcher, the attack would be very hard to reproduce.

Affects WordPress

5.5.1
Fixed in version 5.5.2
5.5
Fixed in version 5.5.2

References

CVE
CVE-2020-28037
URL
https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
URL
https://github.com/WordPress/wordpress-develop/commit/2ca15d1e5ce70493c5c0c096ca0c76503d6da07c
URL
https://blog.wpscan.com/2020/10/30/wordpress-5.5.2-security-release.html
URL
https://threatpost.com/wordpress-patches-rce-bug/160812/

Classification

Type

DOS

CWE
CWE-400

Miscellaneous

Original Researcher

Omar Ganiev

Verified

No

WPVDB ID
016774df-5031-4315-a893-a47d99273883

Timeline

Publicly Published

2020-10-29 (about 2 years ago)

Added

2020-10-29 (about 2 years ago)

Last Updated

2020-11-03 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin