Lucene search
Onur YILMAZPACKETSTORM:131802HistoryMay 07, 2015 - 12:00 a.m.
WordPress Twenty Fifteen 4.2.1 Cross Site Scripting
2015-05-0700:00:00
Onur YILMAZ
packetstormsecurity.com
58
0.004 Low
EPSS
Percentile
74.9%
`Information
--------------------
Advisory by Netsparker.
Name: DOM XSS Vulnerability in Twenty Fifteen WordPress Theme
Affected Software : WordPress
Affected Versions: 4.2.1 and probably below
Vendor Homepage : https://wordpress.org/ and
https://wordpress.org/themes/twentyfifteen/
Vulnerability Type : DOM based Cross-site Scripting
Severity : Important
CVE-ID: CVE-2015-3429
Netsparker Advisory Reference : NS-15-007
Description
--------------------
By exploiting a Cross-site scripting vulnerability the attacker can
hijack a logged in userโs session. This means that the malicious
hacker can change the logged in userโs password and invalidate the
session of the victim while the hacker maintains access. As seen from
the XSS example in this article, if a web application is vulnerable to
cross-site scripting and the administratorโs session is hijacked, the
malicious hacker exploiting the vulnerability will have full admin
privileges on that web application.
Technical Details
--------------------
Proof of Concept URL for DOM XSS in WordPress:
http://example.com/wordpress/wp-content/themes/twentyfifteen/genericons/example.html#<img/src/onerror=alert(123)>
For more information on DOM based cross-site scripting vulnerabilities
read the following article:
https://www.netsparker.com/blog/web-security/dom-based-cross-site-scripting-vulnerability/
Advisory Timeline
--------------------
22/04/2015 - First Contact
07/05/2015 - Vulnerability fixed
07/05/2014 - Advisory released
Solution
--------------------
Download WordPress version 4.2.2 which includes fix for this vulnerability.
Credits & Authors
--------------------
These issues have been discovered by Omar Kurt while testing
Netsparker Web Application Security Scanner -
https://www.netsparker.com/web-vulnerability-scanner/
About Netsparker
--------------------
Netsparker finds and reports security issues and vulnerabilities such
as SQL Injection and Cross-site Scripting (XSS) in all websites and
web applications regardless of the platform and the technology they
are built on. Netsparker's unique detection and exploitation
techniques allows it to be dead accurate in reporting hence it's the
first and the only False Positive Free web application security
scanner. For more information visit our website on
https://www.netsparker.com
`
Related
patchstack
patchstack
WordPress Genericons Plugin <= 4.2.1 - XSS
2015-04-27 00:00:00
nvd
nvd
CVE-2015-3429
2015-06-17 18:59:03
checkpoint_advisories
checkpoint_advisories
WordPress Genericons Cross-Site Scripting (CVE-2015-3429)
2016-03-10 00:00:00
thn
thn
WordPress Vulnerability Puts Millions of Websites At Risk
2015-05-06 23:58:00
debiancve
debiancve
CVE-2015-3429
2015-06-17 18:59:03
wpexploit
wpexploit
Twenty Fifteen Theme <= 1.1 - DOM Cross-Site Scripting (XSS)
2015-05-06 00:00:00
cve
cve
CVE-2015-3429
2015-06-17 18:59:03
cvelist
cvelist
CVE-2015-3429
2015-06-17 18:00:00
ubuntucve
ubuntucve
CVE-2015-3429
2015-06-17 00:00:00
wpvulndb
wpvulndb
Twenty Fifteen Theme <= 1.1 - DOM Cross-Site Scripting (XSS)
2015-05-06 00:00:00
prion
prion
Cross site scripting
2015-06-17 18:59:00
securityvulns
securityvulns
Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429
2015-05-11 00:00:00
[SECURITY] [DSA 3328-1] wordpress security update
2015-08-24 00:00:00
nessus
nessus
Debian DSA-3328-1 : wordpress - security update
2015-08-13 00:00:00
Fedora 21 : wordpress-4.2.2-1.fc21 (2015-6808)
2015-05-21 00:00:00
Fedora 20 : wordpress-4.2.2-1.fc20 (2015-6790)
2015-05-21 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3328-1)
2015-08-03 00:00:00
Debian Security Advisory DSA 3328-1 (wordpress - security update)
2015-08-04 00:00:00
debian
debian
[SECURITY] [DSA 3328-1] wordpress security update
2015-08-04 06:51:55
[SECURITY] [DSA 3328-2] wordpress regression update
2015-08-04 15:36:24
osv
osv
wordpress - security update
2015-08-04 00:00:00