CVE-2018-20149

CVE Database · CVE-2018-20149

CVE-2018-20149

· N/AModified

CVSS v3.1

N/A

EPSS

3.44%

Published

Dec 14, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.

Weaknesses (CWE)

CWE-79

Affected Products (4)

wordpress · wordpress (up to 4.9.9)vulnerable

wordpress · wordpress (up to 5.0.1)vulnerable

debian · debian_linuxvulnerable

References (18)

http://www.securityfocus.com/bid/106220

Third Party AdvisoryVDB Entry

https://codex.wordpress.org/Version_4.9.9

ProductVendor Advisory

https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html

Mailing ListThird Party Advisory

https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/

Release NotesVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs