Lucene search

Arch LinuxASA-201508-2

HistoryAug 07, 2015 - 12:00 a.m.

wordpress: multiple issues

2015-08-0700:00:00

Arch Linux

lists.archlinux.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

84.5%

JSON

CVE-2015-2213:

SQL injection in comments ID.

CVE-2015-5730:

Timing attack in widgets.

CVE-2015-5731:

Denial of service by locking a post from being edited.

CVE-2015-5732, CVE-2015-5733 CVE-2015-5734:

XSS.

OSVersionArchitecturePackageVersionFilename
anyanyanywordpress< 4.2.4-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
any	any	any	wordpress	< 4.2.4-1	UNKNOWN

References

access.redhat.com/security/cve/CVE-2015-2213

access.redhat.com/security/cve/CVE-2015-5730

access.redhat.com/security/cve/CVE-2015-5731

access.redhat.com/security/cve/CVE-2015-5732

access.redhat.com/security/cve/CVE-2015-5733

access.redhat.com/security/cve/CVE-2015-5734

codex.wordpress.org/Version_4.2.4

wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

84.5%

JSON

Related for ASA-201508-2