[wp-trac] [WordPress Trac] #52067: Cross Site Scripting Vulnerability on "Comment" WordPress Version 5.6
WordPress Trac
noreply at wordpress.org
Mon Dec 14 13:10:35 UTC 2020
#52067: Cross Site Scripting Vulnerability on "Comment" WordPress Version 5.6
---------------------------+------------------------------
Reporter: tucuong97 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Script Loader | Version: 5.6
Severity: critical | Resolution:
Keywords: | Focuses:
---------------------------+------------------------------
Comment (by ethicalhack3r):
According to your screenshots, you were authenticated as an Administrator
user when you submitted the payload.
Administrator and Editor users are permitted to submit unfiltered HTML and
JavaScript. WordPress allows them to do this. These users have the
unfiltered_html capability.
https://wordpress.org/support/article/roles-and-capabilities/#unfiltered_html
This is not a security vulnerability in the WordPress ecosystem.
You can test this yourself by adding the following to your wp-config.php
file, which disables this capability:
{{{#!php
define( 'DISALLOW_UNFILTERED_HTML', true );
}}}
You will notice that, with this constant set to true, you will not be
able to reproduce your issue.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52067#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
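
One way to audit which accounts the behaviour described in the comment above applies to, as an added example that is not part of the original message or of WordPress core. It assumes it runs inside a loaded WordPress install (for example through WP-CLI's `wp eval-file`); the file name is hypothetical.

```php
<?php
// audit-unfiltered-html.php (hypothetical file name; added example).
// Assumption: WordPress is already loaded, e.g. `wp eval-file audit-unfiltered-html.php`.

// 1. Is the hardening constant from wp-config.php in effect?
$disallowed = defined( 'DISALLOW_UNFILTERED_HTML' ) && DISALLOW_UNFILTERED_HTML;
echo 'DISALLOW_UNFILTERED_HTML: ' . ( $disallowed ? 'true' : 'false or undefined' ) . "\n";

// 2. Which roles carry the raw capability? This reads the stored role
//    definitions and does not take the constant into account.
$roles_with_cap = array();
foreach ( wp_roles()->role_objects as $name => $role ) {
	if ( $role->has_cap( 'unfiltered_html' ) ) {
		$roles_with_cap[] = $name;
	}
}
echo 'Roles granting unfiltered_html: ' . implode( ', ', $roles_with_cap ) . "\n";

// 3. Which accounts hold it in practice? user_can() goes through the
//    capability mapping, so it returns false once the constant is true.
//    Guard against an empty role list, which would otherwise match every user.
//    Capabilities granted directly to a single user are not covered here.
if ( $roles_with_cap ) {
	$users = get_users(
		array(
			'role__in' => $roles_with_cap,
			'fields'   => array( 'ID', 'user_login' ),
		)
	);
	foreach ( $users as $user ) {
		$effective = user_can( (int) $user->ID, 'unfiltered_html' );
		printf(
			"%s (ID %d): %s\n",
			$user->user_login,
			$user->ID,
			$effective ? 'may post unfiltered HTML' : 'filtered'
		);
	}
}
```

Running it before and after adding the constant to wp-config.php shows the role list unchanged while every account flips to `filtered`.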