CVE-2021-29447 — HIGH (7.1)

Q: How severe is CVE-2021-29447?

CVE-2021-29447 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-29447?

Check the references section above for vendor advisories and patch information. Affected products include: Wordpress Wordpress, Debian Debian Linux.

Vulnerability Description

Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Wordpress	Wordpress	>= 5.6.0, < 5.7.1
Debian	Debian Linux	9.0

Related Weaknesses (CWE)

CWE-611

References

http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-UplThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-InjeExploitThird Party AdvisoryVDB Entry
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/ExploitThird Party Advisory
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc5Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/04/msg00017.htmlMailing ListThird Party Advisory
https://wordpress.org/news/category/security/Release NotesVendor Advisory
https://www.debian.org/security/2021/dsa-4896Third Party Advisory
http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-UplThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-InjeExploitThird Party AdvisoryVDB Entry
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/ExploitThird Party Advisory
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc5Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/04/msg00017.htmlMailing ListThird Party Advisory
https://wordpress.org/news/category/security/Release NotesVendor Advisory
https://www.debian.org/security/2021/dsa-4896Third Party Advisory

FAQ

What is CVE-2021-29447?

CVE-2021-29447 is a vulnerability with a CVSS score of 7.1 (HIGH). Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installa...

How severe is CVE-2021-29447?

CVE-2021-29447 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-29447?

Check the references section above for vendor advisories and patch information. Affected products include: Wordpress Wordpress, Debian Debian Linux.