ID CVE-2015-3438 Type cve Reporter cve@mitre.org Modified 2016-12-06T03:00:00
Description
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment.
{"openvas": [{"lastseen": "2019-11-14T16:26:29", "bulletinFamily": "scanner", "description": "This host is running WordPress and is prone\n to multiple cross site scripting vulnerabilities.", "modified": "2019-11-12T00:00:00", "published": "2015-10-12T00:00:00", "id": "OPENVAS:1361412562310805988", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805988", "title": "WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:wordpress:wordpress\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805988\");\n script_version(\"2019-11-12T13:33:43+0000\");\n script_cve_id(\"CVE-2015-3438\");\n script_bugtraq_id(74269);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:33:43 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-10-12 14:01:19 +0530 (Mon, 12 Oct 2015)\");\n script_name(\"WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running WordPress and is prone\n to multiple cross site scripting vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to improper input\n data sanitization via four-byte UTF-8 character or via an invalid character.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary script code in a user's browser session within\n the trust relationship between their browser and the server.\");\n\n script_tag(name:\"affected\", value:\"Wordpress versions before 4.1.2 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.1.2 or higher.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"https://wordpress.org/news/2015/04/wordpress-4-1-2\");\n script_xref(name:\"URL\", value:\"http://zoczus.blogspot.in/2015/04/plupload-same-origin-method-execution.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"os_detection.nasl\", \"secpod_wordpress_detect_900182.nasl\");\n script_mandatory_keys(\"wordpress/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!wpPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!wpVer = get_app_version(cpe:CPE, port:wpPort)){\n exit(0);\n}\n\nif(version_is_less(version:wpVer, test_version:\"4.1.2\"))\n{\n report = 'Installed Version: ' + wpVer + '\\n' +\n 'Fixed Version: ' + \"4.1.2\" + '\\n';\n\n security_message(data:report, port:wpPort);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-14T16:25:37", "bulletinFamily": "scanner", "description": "This host is running WordPress and is prone\n to multiple cross site scripting vulnerabilities.", "modified": "2019-11-12T00:00:00", "published": "2015-10-12T00:00:00", "id": "OPENVAS:1361412562310805987", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805987", "title": "WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:wordpress:wordpress\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805987\");\n script_version(\"2019-11-12T13:33:43+0000\");\n script_cve_id(\"CVE-2015-3438\");\n script_bugtraq_id(74269);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:33:43 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-10-12 14:03:09 +0530 (Mon, 12 Oct 2015)\");\n script_name(\"WordPress 'Non-Strict Mode' Multiple Cross-Site Scripting Vulnerabilities (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running WordPress and is prone\n to multiple cross site scripting vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to improper input\n data sanitization via four-byte UTF-8 character or via an invalid character.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary script code in a user's browser session within\n the trust relationship between their browser and the server.\");\n\n script_tag(name:\"affected\", value:\"Wordpress versions before 4.1.2 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.1.2 or higher.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"https://wordpress.org/news/2015/04/wordpress-4-1-2\");\n script_xref(name:\"URL\", value:\"http://zoczus.blogspot.in/2015/04/plupload-same-origin-method-execution.html\");\n\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"os_detection.nasl\", \"secpod_wordpress_detect_900182.nasl\");\n script_mandatory_keys(\"wordpress/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!wpPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!wpVer = get_app_version(cpe:CPE, port:wpPort)){\n exit(0);\n}\n\nif(version_is_less(version:wpVer, test_version:\"4.1.2\"))\n{\n report = 'Installed Version: ' + wpVer + '\\n' +\n 'Fixed Version: ' + \"4.1.2\" + '\\n';\n\n security_message(data:report, port:wpPort);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:26", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310869380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869380", "title": "Fedora Update for wordpress FEDORA-2015-6808", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2015-6808\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869380\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:44:50 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-3440\", \"CVE-2015-3438\", \"CVE-2015-3439\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wordpress FEDORA-2015-6808\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6808\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~4.2.2~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:22", "bulletinFamily": "scanner", "description": "Multiple security issues have been\ndiscovered in Wordpress, a weblog manager, that could allow remote attackers\nto upload files with invalid or unsafe names, mount social engineering attacks\nor compromise a site via cross-site scripting, and inject SQL commands.", "modified": "2019-03-18T00:00:00", "published": "2015-05-04T00:00:00", "id": "OPENVAS:1361412562310703250", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703250", "title": "Debian Security Advisory DSA 3250-1 (wordpress - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3250.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3250-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703250\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_name(\"Debian Security Advisory DSA 3250-1 (wordpress - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-04 00:00:00 +0200 (Mon, 04 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3250.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"wordpress on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 3.6.1+dfsg-1~deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4.1+dfsg-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 4.2.1+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.2.1+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been\ndiscovered in Wordpress, a weblog manager, that could allow remote attackers\nto upload files with invalid or unsafe names, mount social engineering attacks\nor compromise a site via cross-site scripting, and inject SQL commands.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u6\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u6\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:53:13", "bulletinFamily": "scanner", "description": "Multiple security issues have been\ndiscovered in Wordpress, a weblog manager, that could allow remote attackers\nto upload files with invalid or unsafe names, mount social engineering attacks\nor compromise a site via cross-site scripting, and inject SQL commands.\n\nMore information can be found in the upstream advisories at\nhttps://wordpress.org/news/2015/04/wordpress-4-1-2/ and\nhttps://wordpress.org/news/2015/04/wordpress-4-2-1/", "modified": "2017-07-07T00:00:00", "published": "2015-05-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703250", "id": "OPENVAS:703250", "title": "Debian Security Advisory DSA 3250-1 (wordpress - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3250.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3250-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703250);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_name(\"Debian Security Advisory DSA 3250-1 (wordpress - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-04 00:00:00 +0200 (Mon, 04 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3250.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"wordpress on Debian Linux\");\n script_tag(name: \"insight\", value: \"WordPress is a full featured web\nblogging tool:\n* Instant publishing (no rebuilding)\n* Comment pingback support with spam protection\n* Non-crufty URLs\n* Themable\n* Plugin support\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthese problems have been fixed in version 3.6.1+dfsg-1~deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4.1+dfsg-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 4.2.1+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.2.1+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\");\n script_tag(name: \"summary\", value: \"Multiple security issues have been\ndiscovered in Wordpress, a weblog manager, that could allow remote attackers\nto upload files with invalid or unsafe names, mount social engineering attacks\nor compromise a site via cross-site scripting, and inject SQL commands.\n\nMore information can be found in the upstream advisories at\nhttps://wordpress.org/news/2015/04/wordpress-4-1-2/ and\nhttps://wordpress.org/news/2015/04/wordpress-4-2-1/\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.6.1+dfsg-1~deb7u6\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.6.1+dfsg-1~deb7u6\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:48", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-07T00:00:00", "id": "OPENVAS:1361412562310869692", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869692", "title": "Fedora Update for wordpress FEDORA-2015-6778", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2015-6778\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869692\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:35:37 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wordpress FEDORA-2015-6778\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6778\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157391.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~4.2.1~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310869390", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869390", "title": "Fedora Update for wordpress FEDORA-2015-6790", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2015-6790\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869390\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:45:46 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2014-0165\", \"CVE-2014-0166\", \"CVE-2015-3438\", \"CVE-2015-3439\",\n \"CVE-2015-3440\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wordpress FEDORA-2015-6790\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-6790\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~4.2.2~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "wpvulndb": [{"lastseen": "2019-05-29T14:26:01", "bulletinFamily": "software", "description": "WordPress Vulnerability - WordPress <= 4.1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)\n", "modified": "2018-08-29T00:00:00", "published": "2015-04-21T00:00:00", "id": "WPVDB-ID:7929", "href": "https://wpvulndb.com/vulnerabilities/7929", "type": "wpvulndb", "title": "WordPress <= 4.1.1 - Unauthenticated Stored Cross-Site Scripting (XSS)", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2019-11-23T13:14:02", "bulletinFamily": "scanner", "description": "According to its version number, the WordPress application running\non the remote web server is potentially affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists that allows an attacker to\n upload arbitrary files with invalid or unsafe names.\n Note that this only affects versions 4.1 and higher.\n\n - A cross-site scripting vulnerability exists due to\n improper validation of user-supplied input. A remote\n attacker, using a specially crafted request, can exploit\n this to execute arbitrary script code in a user", "modified": "2019-11-02T00:00:00", "id": "WORDPRESS_4_1_2.NASL", "href": "https://www.tenable.com/plugins/nessus/83053", "published": "2015-04-24T00:00:00", "title": "WordPress < 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83053);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\"CVE-2015-3438\", \"CVE-2015-3439\");\n script_bugtraq_id(74269, 75146);\n\n script_name(english:\"WordPress < 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of WordPress.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the WordPress application running\non the remote web server is potentially affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists that allows an attacker to\n upload arbitrary files with invalid or unsafe names.\n Note that this only affects versions 4.1 and higher.\n\n - A cross-site scripting vulnerability exists due to\n improper validation of user-supplied input. A remote\n attacker, using a specially crafted request, can exploit\n this to execute arbitrary script code in a user's\n browser session.\n\n - A limited cross-site scripting vulnerability exists due\n to improper validation of user-supplied input. A remote\n attacker, using a specially crafted request, can exploit\n this to execute arbitrary script code in a user's\n browser session. Note that this only affects versions\n 3.9 and higher.\n\n - An unspecified SQL injection vulnerability exists in\n some plugins.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/news/2015/04/wordpress-4-1-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_4.1.2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_3.9.4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_3.8.6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_3.7.6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WordPress 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-3439\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"The WordPress release notes indicate that the issue is a serious critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site, which supports the CIA score.\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wordpress:wordpress\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wordpress_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/WordPress\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"WordPress\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nversion = install['version'];\ninstall_url = build_url(port:port, qs:dir);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nver = split(version, sep:\".\", keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Versions less than 4.1.2 are vulnerable\n# https://wordpress.org/download/release-archive/\nif (\n # Short version\n version == \"3.7\" ||\n version == \"3.8\" ||\n version == \"3.9\" ||\n version == \"4.1\" ||\n # Longer versions\n (ver[0] < 3) ||\n (ver[0] == 3 && ver[1] < 7) ||\n (ver[0] == 3 && ver[1] == 7 && ver[2] < 6) ||\n (ver[0] == 3 && ver[1] == 8 && ver[2] < 6) ||\n (ver[0] == 3 && ver[1] == 9 && ver[2] < 4) ||\n (ver[0] == 4 && ver[1] < 1) ||\n (ver[0] == 4 && ver[1] == 1 && ver[2] < 2) ||\n # Short alpha / beta / RC versions\n version =~ \"^(3\\.[789]|4\\.1)-(alpha|beta|RC)(\\d+|$|[^0-9])\" ||\n # Longer alpha / beta / RC versions\n version =~ \"^(3\\.7\\.6|3\\.8\\.6|3\\.9\\.4|4\\.1\\.2)-(alpha|beta|RC)(\\d+|$|[^0-9])\"\n)\n{\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n set_kb_item(name:'www/'+port+'/SQLInjection', value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' +install_url+\n '\\n Installed version : ' +version+\n '\\n Fixed version : 3.7.6 / 3.8.6 / 3.9.4 / 4.1.2' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-01T02:27:23", "bulletinFamily": "scanner", "description": "**WordPress 4.2 ", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2015-6778.NASL", "href": "https://www.tenable.com/plugins/nessus/83315", "published": "2015-05-11T00:00:00", "title": "Fedora 22 : wordpress-4.2.1-1.fc22 (2015-6778)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6778.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83315);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:14:52 $\");\n\n script_cve_id(\"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_xref(name:\"FEDORA\", value:\"2015-6778\");\n\n script_name(english:\"Fedora 22 : wordpress-4.2.1-1.fc22 (2015-6778)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**WordPress 4.2 'Powell' **\n\n - Upstream announcement\n https://wordpress.org/news/2015/04/powell/\n\n**WordPress 4.2.1 Security Release**\n\n - Upstream announcement\n https://wordpress.org/news/2015/04/wordpress-4-2-1/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1216069\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157391.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ca4be38\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/04/powell/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/04/wordpress-4-2-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"wordpress-4.2.1-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-01T02:21:21", "bulletinFamily": "scanner", "description": "Multiple security issues have been discovered in Wordpress, a weblog\nmanager, that could allow remote attackers to upload files with\ninvalid or unsafe names, mount social engineering attacks or\ncompromise a site via cross-site scripting, and inject SQL commands.\n\nMore information can be found in the upstream advisories at and", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-3250.NASL", "href": "https://www.tenable.com/plugins/nessus/83236", "published": "2015-05-05T00:00:00", "title": "Debian DSA-3250-1 : wordpress - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3250. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83236);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_bugtraq_id(74269, 74334);\n script_xref(name:\"DSA\", value:\"3250\");\n\n script_name(english:\"Debian DSA-3250-1 : wordpress - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been discovered in Wordpress, a weblog\nmanager, that could allow remote attackers to upload files with\ninvalid or unsafe names, mount social engineering attacks or\ncompromise a site via cross-site scripting, and inject SQL commands.\n\nMore information can be found in the upstream advisories at and\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3250\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wordpress packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 3.6.1+dfsg-1~deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 4.1+dfsg-1+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb7u6\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb7u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress\", reference:\"4.1+dfsg-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-l10n\", reference:\"4.1+dfsg-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentyfifteen\", reference:\"4.1+dfsg-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentyfourteen\", reference:\"4.1+dfsg-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentythirteen\", reference:\"4.1+dfsg-1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-01T02:27:23", "bulletinFamily": "scanner", "description": "**WordPress 4.2 ", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2015-6790.NASL", "href": "https://www.tenable.com/plugins/nessus/83750", "published": "2015-05-21T00:00:00", "title": "Fedora 20 : wordpress-4.2.2-1.fc20 (2015-6790)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6790.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83750);\n script_version(\"$Revision: 2.4 $\");\n script_cvs_date(\"$Date: 2016/12/06 14:24:42 $\");\n\n script_cve_id(\"CVE-2015-3429\", \"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_xref(name:\"FEDORA\", value:\"2015-6790\");\n\n script_name(english:\"Fedora 20 : wordpress-4.2.2-1.fc20 (2015-6790)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**WordPress 4.2 'Powell' **\n\n - Upstream announcement\n https://wordpress.org/news/2015/04/powell/\n\n**WordPress 4.2.1 Security Release**\n\n - Upstream announcement\n https://wordpress.org/news/2015/04/wordpress-4-2-1/\n\n**WordPress 4.2.2 Security and Maintenance Release**\n\n - Upstream announcement\n https://wordpress.org/news/2015/05/wordpress-4-2-2/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1216069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1219368\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?043c46fc\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/04/powell/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/04/wordpress-4-2-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/05/wordpress-4-2-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"wordpress-4.2.2-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-01T02:27:23", "bulletinFamily": "scanner", "description": "**WordPress 4.2 ", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2015-6808.NASL", "href": "https://www.tenable.com/plugins/nessus/83751", "published": "2015-05-21T00:00:00", "title": "Fedora 21 : wordpress-4.2.2-1.fc21 (2015-6808)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-6808.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83751);\n script_version(\"$Revision: 2.4 $\");\n script_cvs_date(\"$Date: 2016/12/06 14:24:42 $\");\n\n script_cve_id(\"CVE-2015-3429\", \"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_xref(name:\"FEDORA\", value:\"2015-6808\");\n\n script_name(english:\"Fedora 21 : wordpress-4.2.2-1.fc21 (2015-6808)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**WordPress 4.2 'Powell' **\n\n - Upstream announcement\n https://wordpress.org/news/2015/04/powell/\n\n**WordPress 4.2.1 Security Release**\n\n - Upstream announcement\n https://wordpress.org/news/2015/04/wordpress-4-2-1/\n\n**WordPress 4.2.2 Security and Maintenance Release**\n\n - Upstream announcement\n https://wordpress.org/news/2015/05/wordpress-4-2-2/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1214650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1216069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1219368\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?746720e2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/04/powell/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/04/wordpress-4-2-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2015/05/wordpress-4-2-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"wordpress-4.2.2-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-01T02:20:24", "bulletinFamily": "scanner", "description": "In the Debian squeeze-lts version of Wordpress, multiple security\nissues have been fixed :\n\nRemote attackers could...\n\n - ... upload files with invalid or unsafe names\n\n - ... mount social engineering attacks\n\n - ... compromise a site via cross-site scripting\n\n - ... inject SQL commands\n\n - ... cause denial of service or information disclosure\n\nCVE-2014-9031\n\nJouko Pynnonen discovered an unauthenticated cross site scripting\nvulnerability (XSS) in wptexturize(), exploitable via comments or\nposts.\n\nCVE-2014-9033\n\nCross site request forgery (CSRF) vulnerability in the password\nchanging process, which could be used by an attacker to trick an user\ninto changing her password.\n\nCVE-2014-9034\n\nJavier Nieto Arevalo and Andres Rojas Guerrero reported a potential\ndenial of service in the way the phpass library is used to handle\npasswords, since no maximum password length was set.\n\nCVE-2014-9035\n\nJohn Blackbourn reported an XSS in the ", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DLA-236.NASL", "href": "https://www.tenable.com/plugins/nessus/83918", "published": "2015-06-02T00:00:00", "title": "Debian DLA-236-1 : wordpress security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-236-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83918);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2014-9031\", \"CVE-2014-9033\", \"CVE-2014-9034\", \"CVE-2014-9035\", \"CVE-2014-9036\", \"CVE-2014-9037\", \"CVE-2014-9038\", \"CVE-2014-9039\", \"CVE-2015-3438\", \"CVE-2015-3439\", \"CVE-2015-3440\");\n script_bugtraq_id(71231, 71232, 71233, 71234, 71236, 71237, 71238, 74269, 74334);\n\n script_name(english:\"Debian DLA-236-1 : wordpress security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In the Debian squeeze-lts version of Wordpress, multiple security\nissues have been fixed :\n\nRemote attackers could...\n\n - ... upload files with invalid or unsafe names\n\n - ... mount social engineering attacks\n\n - ... compromise a site via cross-site scripting\n\n - ... inject SQL commands\n\n - ... cause denial of service or information disclosure\n\nCVE-2014-9031\n\nJouko Pynnonen discovered an unauthenticated cross site scripting\nvulnerability (XSS) in wptexturize(), exploitable via comments or\nposts.\n\nCVE-2014-9033\n\nCross site request forgery (CSRF) vulnerability in the password\nchanging process, which could be used by an attacker to trick an user\ninto changing her password.\n\nCVE-2014-9034\n\nJavier Nieto Arevalo and Andres Rojas Guerrero reported a potential\ndenial of service in the way the phpass library is used to handle\npasswords, since no maximum password length was set.\n\nCVE-2014-9035\n\nJohn Blackbourn reported an XSS in the 'Press This' function (used for\nquick publishing using a browser 'bookmarklet').\n\nCVE-2014-9036\n\nRobert Chapin reported an XSS in the HTML filtering of CSS in posts.\n\nCVE-2014-9037\n\nDavid Anderson reported a hash comparison vulnerability for passwords\nstored using the old-style MD5 scheme. While unlikely, this could be\nexploited to compromise an account, if the user had not logged in\nafter a Wordpress 2.5 update (uploaded to Debian on 2 Apr, 2008) and\nthe password MD5 hash could be collided with due to PHP dynamic\ncomparison.\n\nCVE-2014-9038\n\nBen Bidner reported a server side request forgery (SSRF) in the core\nHTTP layer which unsufficiently blocked the loopback IP address space.\n\nCVE-2014-9039\n\nMomen Bassel, Tanoy Bose, and Bojan Slavkovic reported a vulnerability\nin the password reset process: an email address change would not\ninvalidate a previous password reset email.\n\nCVE-2015-3438\n\nCedric Van Bockhaven reported and Gary Pendergast, Mike Adams, and\nAndrew Nacin of the WordPress security team fixed a\ncross-site-scripting vulnerabilitity, which could enable anonymous\nusers to compromise a site. \n\nCVE-2015-3439\n\nJakub Zoczek discovered a very limited cross-site scripting\nvulnerability, that could be used as part of a social engineering\nattack.\n\nCVE-2015-3440\n\nJouko Pynnönen discovered a cross-site scripting vulnerability,\nwhich could enable commenters to compromise a site.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/06/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/wordpress\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected wordpress, and wordpress-l10n packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb6u6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb6u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-06-25T02:22:16", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3250-1 security@debian.org\nhttp://www.debian.org/security/ Alessandro Ghedini\nMay 04, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wordpress\nCVE ID : CVE-2015-3438 CVE-2015-3439 CVE-2015-3440\nDebian Bug : 783347 783554\n\nMultiple security issues have been discovered in Wordpress, a weblog\nmanager, that could allow remote attackers to upload files with invalid\nor unsafe names, mount social engineering attacks or compromise a site\nvia cross-site scripting, and inject SQL commands.\n\nMore information can be found in the upstream advisories at\nhttps://wordpress.org/news/2015/04/wordpress-4-1-2/ and\nhttps://wordpress.org/news/2015/04/wordpress-4-2-1/\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 3.6.1+dfsg-1~deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4.1+dfsg-1+deb8u1.\n\nFor the testing distribution (stretch), these problems have been fixed in\nversion 4.2.1+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.2.1+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-05-04T18:51:10", "published": "2015-05-04T18:51:10", "id": "DEBIAN:DSA-3250-1:41594", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00138.html", "title": "[SECURITY] [DSA 3250-1] wordpress security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-30T02:21:38", "bulletinFamily": "unix", "description": "Package : wordpress\nVersion : 3.6.1+dfsg-1~deb6u6\nCVE ID : CVE-2014-9031 CVE-2014-9033 CVE-2014-9034 CVE-2014-9035 \n CVE-2014-9036 CVE-2014-9037 CVE-2014-9038 CVE-2014-9039 CVE-2015-3438 CVE-2015-3439 CVE-2015-3440\nDebian Bug : #783347 #783554 #770425\n\nIn the Debian squeeze-lts version of Wordpress, multiple security issues\nhave been fixed: \n\n Remote attackers could...\n * ... upload files with invalid or unsafe names\n * ... mount social engineering attacks\n * ... compromise a site via cross-site scripting\n * ... inject SQL commands\n * ... cause denial of service or information disclosure\n\nCVE-2014-9031\n\n Jouko Pynnonen discovered an unauthenticated cross site scripting\n vulnerability (XSS) in wptexturize(), exploitable via comments or\n posts.\n\nCVE-2014-9033\n\n Cross site request forgery (CSRF) vulnerability in the password\n changing process, which could be used by an attacker to trick an user\n into changing her password.\n\nCVE-2014-9034\n\n Javier Nieto Arevalo and Andres Rojas Guerrero reported a potential\n denial of service in the way the phpass library is used to handle\n passwords, since no maximum password length was set.\n\nCVE-2014-9035\n\n John Blackbourn reported an XSS in the "Press This" function (used\n for quick publishing using a browser "bookmarklet").\n\nCVE-2014-9036\n\n Robert Chapin reported an XSS in the HTML filtering of CSS in posts.\n\nCVE-2014-9037\n\n David Anderson reported a hash comparison vulnerability for passwords\n stored using the old-style MD5 scheme. While unlikely, this could be\n exploited to compromise an account, if the user had not logged in\n after a Wordpress 2.5 update (uploaded to Debian on 2 Apr, 2008) and\n the password MD5 hash could be collided with due to PHP dynamic\n comparison.\n\nCVE-2014-9038\n\n Ben Bidner reported a server side request forgery (SSRF) in the core\n HTTP layer which unsufficiently blocked the loopback IP address\n space.\n\nCVE-2014-9039\n\n Momen Bassel, Tanoy Bose, and Bojan Slavkovic reported a\n vulnerability in the password reset process: an email address change\n would not invalidate a previous password reset email.\n\nCVE-2015-3438\n\n Cedric Van Bockhaven reported and Gary Pendergast, Mike Adams, and Andrew Nacin of the\n WordPress security team fixed a cross-site-scripting vulnerabilitity, which could enable anonymous users\n to compromise a site. \n\nCVE-2015-3439\n\n Jakub Zoczek discovered a very limited cross-site scripting\n vulnerability, that could be used as part of a social engineering\n attack.\n\nCVE-2015-3440\n\n Jouko Pynn\u00f6nen discovered a cross-site scripting vulnerability,\n which could enable commenters to compromise a site.\n\n-- \n\nmike gabriel aka sunweaver (Debian Developer)\nfon: +49 (1520) 1976 148\n\nGnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31\nmail: sunweaver@debian.org, http://sunweavers.net\n", "modified": "2015-06-01T12:11:49", "published": "2015-06-01T12:11:49", "id": "DEBIAN:DLA-236-1:57EB8", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201506/msg00000.html", "title": "[SECURITY] [DLA 236-1] wordpress security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3250-1 security@debian.org\r\nhttp://www.debian.org/security/ Alessandro Ghedini\r\nMay 04, 2015 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : wordpress\r\nCVE ID : CVE-2015-3438 CVE-2015-3439 CVE-2015-3440\r\nDebian Bug : 783347 783554\r\n\r\nMultiple security issues have been discovered in Wordpress, a weblog\r\nmanager, that could allow remote attackers to upload files with invalid\r\nor unsafe names, mount social engineering attacks or compromise a site\r\nvia cross-site scripting, and inject SQL commands.\r\n\r\nMore information can be found in the upstream advisories at\r\nhttps://wordpress.org/news/2015/04/wordpress-4-1-2/ and\r\nhttps://wordpress.org/news/2015/04/wordpress-4-2-1/\r\n\r\nFor the oldstable distribution (wheezy), these problems have been fixed\r\nin version 3.6.1+dfsg-1~deb7u6.\r\n\r\nFor the stable distribution (jessie), these problems have been fixed in\r\nversion 4.1+dfsg-1+deb8u1.\r\n\r\nFor the testing distribution (stretch), these problems have been fixed in\r\nversion 4.2.1+dfsg-1.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 4.2.1+dfsg-1.\r\n\r\nWe recommend that you upgrade your wordpress packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJVR7+OAAoJEK+lG9bN5XPL7YgP/0kHKf4aTa4H/XlOy9L7/Oqz\r\nIKaG69pbpzAN0ulrFt/flIWWN//SHzoY8jOfIZnrm4pnsDd6O2qS4TpTGa/911KQ\r\nIEBhEuGsNrkSEjQZDW/NHsf1cdhTf3O3yWrtFMnaQSW2ksZnJb0GlgpSY1y/9bGH\r\nAQWxhL6moG/ILO3e1j4gdr4bMKNBC1p1RK2+b7PQROQjdWjtdRCUKeDCpK9Qdt3P\r\nbO/DaRdO07RjX4h92ozxKIpvsTfTaxlPDwFm2Sn2SSpkLS507QGDHdEkI2hu4Fj3\r\nqT+BjSxPbqt767AlibehtoqF7UPz9zw6J06Wg37YBHTBWit1s6MO8K9y65B5ZO0a\r\npdRGjoaUprnGNvskaGXLPb80lASNQQ0m6aMdmbHgvzfTtPDG0MpNxLvCxpR5rLc+\r\nz6YClWL+GzKHxKfpU0m8iC/0UnxrGsJ6jsYqElbDDoIf5ztrrJov6m5xpoME7vsS\r\n9jaE4F1YWrhluNGTp4pAa/x78FLNOdVaDs/lPQ0f1dmq6EI1GaD9iuUp4XEANo76\r\nSM0vjnzJ2Jo0kakcHiHbt7YX2tQilkrAkIMYAzDew1jtkvofLxW9jbeJ9NDWE5Hb\r\n2d1mIvlRTRBFIMCS+5M83TSiIFeNOe7DjK19KTAYSAiLYf8LXuGWB2Y/eZF2j3Bq\r\nRKxnRPe6EBh+NRIvZyaa\r\n=nORs\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2015-05-11T00:00:00", "published": "2015-05-11T00:00:00", "id": "SECURITYVULNS:DOC:32048", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32048", "title": "[SECURITY] [DSA 3250-1] wordpress security update", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:00", "bulletinFamily": "software", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "modified": "2015-05-11T00:00:00", "published": "2015-05-11T00:00:00", "id": "SECURITYVULNS:VULN:14473", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14473", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
