CVE-2024-6307

NameCVE-2024-6307
DescriptionWordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions prior to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1074486

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
wordpress (PTS)jessie, jessie (lts)4.1.35+dfsg-0+deb8u1vulnerable
stretch (security), stretch (lts), stretch4.7.23+dfsg-0+deb9u1vulnerable
buster (security), buster, buster (lts)5.0.21+dfsg1-0+deb10u1vulnerable
bullseye (security), bullseye5.7.11+dfsg1-0+deb11u1fixed
bookworm (security), bookworm6.1.6+dfsg1-0+deb12u1vulnerable
sid, trixie6.6.1+dfsg1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
wordpresssourcejessie(unfixed)end-of-life
wordpresssourcestretch(unfixed)end-of-life
wordpresssourcebuster(unfixed)end-of-life
wordpresssourcebullseye(not affected)
wordpresssource(unstable)6.5.5+dfsg1-11074486

Notes

[bullseye] - wordpress <not-affected> (The vulnerable code was introduced later)
https://wordpress.org/news/2024/06/wordpress-6-5-5/
https://core.trac.wordpress.org/changeset/58473
https://core.trac.wordpress.org/changeset/58472
Search for package or bug name: Reporting problems