WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Vulnerabilities

WordPress 5.4 to 5.8 - Authenticated XSS in Block Editor

Description

On September 9, 2021 WordPress version 5.8.1 was released fixing three vulnerabilities.

The official blog post states:

"Props to Michał Bentkowski of Securitum for reporting a XSS vulnerability in the block editor."

Further details:

The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post unfiltered_html.

Affects WordPress

5.8
Fixed in version 5.8.1
5.7.2
Fixed in version 5.7.3
5.7.1
Fixed in version 5.7.3
5.7
Fixed in version 5.7.3
5.6.4
Fixed in version 5.6.5
5.6.3
Fixed in version 5.6.5
5.6.2
Fixed in version 5.6.5
5.6.1
Fixed in version 5.6.5
5.6
Fixed in version 5.6.5
5.5.5
Fixed in version 5.5.6

References

CVE
CVE-2021-39201
URL
https://wordpress.org/news/2021/09/wordpress-5-8-1-security-and-maintenance-release/
URL
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-wh69-25hr-h94v

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Michał Bentkowski of Securitum

Verified

No

WPVDB ID
5b754676-20f5-4478-8fd3-6bc383145811

Timeline

Publicly Published

2021-09-09 (about 11 months ago)

Added

2021-09-09 (about 11 months ago)

Last Updated

2022-05-19 (about 2 months ago)

Our Other Services

WPScan WordPress Security Plugin