CVE-2021-29447

Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
GitHub_MCNA
7.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
wordpresswordpress
5.6.0 ≤
𝑥
< 5.7.1
debiandebian_linux
9.0
debiandebian_linux
10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wordpress
bullseye (security)
5.7.11+dfsg1-0+deb11u1
fixed
bullseye
5.7.11+dfsg1-0+deb11u1
fixed
bookworm
6.1.6+dfsg1-0+deb12u1
fixed
bookworm (security)
6.1.6+dfsg1-0+deb12u1
fixed
sid
6.6.1+dfsg1-1
fixed
trixie
6.6.1+dfsg1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wordpress
noble
needs-triage
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needs-triage
impish
ignored
hirsute
ignored
groovy
ignored
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
dne
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-Upload-On-WordPress.html
http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-Injection.html
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhh
https://lists.debian.org/debian-lts-announce/2021/04/msg00017.html
https://wordpress.org/news/category/security/
https://www.debian.org/security/2021/dsa-4896
http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-Upload-On-WordPress.html
http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-Injection.html
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhh
https://lists.debian.org/debian-lts-announce/2021/04/msg00017.html
https://wordpress.org/news/category/security/
https://www.debian.org/security/2021/dsa-4896