oss-sec mailing list archives
CVE Request: wordpress: information leakage and backdoor vulnerabilities in writing settings
From: Ratul Gupta <ratulg () redhat com>
Date: Mon, 23 Dec 2013 11:17:48 +0530
Hello, https://bugzilla.redhat.com/show_bug.cgi?id=1045416It was found that the login and password from e-mail are saved in DB in plain text (unencrypted) in Writing Settings (http://site/wp-admin/options-writing.php), if this functionality is used. So by receiving data from DB via SQL Injection or Information Leakage vulnerability, or by receiving content of this page via XSS, or by accessing admin panel via any vulnerability, it's possible to get login and password from e-mail account.
Also, this functionality can be used as backdoor. When attacker's e-mail is set in options Writing Settings, from which the posts will be published at web site. With XSS code, with black SEO links, with malware code, etc.
Can a CVE please be assigned to this? -- Regards, Ratul Gupta / Red Hat Security Response Team
Current thread:
- CVE Request: wordpress: information leakage and backdoor vulnerabilities in writing settings Ratul Gupta (Dec 22)