[wp-trac] [WordPress Trac] #52067: Cross Site Scripting Vulnerability on "Comment" WordPress Version 5.6

WordPress Trac noreply at wordpress.org
Mon Dec 14 13:10:35 UTC 2020


#52067: Cross Site Scripting Vulnerability on "Comment" WordPress Version 5.6
---------------------------+------------------------------
 Reporter:  tucuong97      |       Owner:  (none)
     Type:  defect (bug)   |      Status:  new
 Priority:  normal         |   Milestone:  Awaiting Review
Component:  Script Loader  |     Version:  5.6
 Severity:  critical       |  Resolution:
 Keywords:                 |     Focuses:
---------------------------+------------------------------

Comment (by ethicalhack3r):

 According to your screenshots, you were authenticated as an Administrator
 user when you submitted the payload.

 Administrator and Editor users are permitted to submit unfiltered HTML and
 JavaScript. WordPress allows them to do this. These users have the
 unfiltered_html capability.

 https://wordpress.org/support/article/roles-and-capabilities/#unfiltered_html

 This is not a security vulnerability in the WordPress ecosystem.

 You can test this yourself by adding the following to your wp-config.php
 file, which disables this capability:

 {{{#!php
 define( 'DISALLOW_UNFILTERED_HTML', true );
 }}}


 You will notice that, with this constant set to true, you will not be
 able to reproduce your issue.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/52067#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
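
An added example, not part of the original message and not WordPress core code: a small audit script that lists which accounts currently hold the unfiltered_html capability described above and whether DISALLOW_UNFILTERED_HTML is in effect. It assumes it is run inside a loaded WordPress install, for example through WP-CLI's `wp eval-file`; the file name in the comment is hypothetical.

```php
<?php
/**
 * Added example (not WordPress core code): list the accounts whose submitted
 * HTML is not filtered. Run inside a loaded WordPress, for example:
 *   wp eval-file audit-unfiltered-html.php   (file name is hypothetical)
 */

// The constant from the ticket comment; when true, core denies the capability to everyone.
$disallowed = defined( 'DISALLOW_UNFILTERED_HTML' ) && DISALLOW_UNFILTERED_HTML;

printf( "DISALLOW_UNFILTERED_HTML: %s\n", $disallowed ? 'true' : 'not set or false' );
printf( "Multisite: %s\n", is_multisite() ? 'yes' : 'no' );

$holders = array();
foreach ( get_users() as $user ) {
	// user_can() resolves the capability through map_meta_cap(), so the result
	// already reflects the constant and the multisite super-admin restriction.
	if ( user_can( $user, 'unfiltered_html' ) ) {
		$holders[] = sprintf(
			'%d  %s  [%s]',
			$user->ID,
			$user->user_login,
			implode( ', ', $user->roles )
		);
	}
}

if ( empty( $holders ) ) {
	echo "No account can submit unfiltered HTML.\n";
} else {
	printf( "%d account(s) can submit unfiltered HTML:\n", count( $holders ) );
	echo implode( "\n", $holders ), "\n";
}

// Consistency check: with the constant set, any remaining holder means a plugin
// or custom filter is re-granting the capability and should be reviewed.
if ( $disallowed && ! empty( $holders ) ) {
	echo "WARNING: capability present despite DISALLOW_UNFILTERED_HTML.\n";
	exit( 1 );
}
```

On a single-site install with default roles, the list is expected to contain the Administrator and Editor accounts; each entry is an account whose compromise allows script to be stored in content.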

