Lucene search
MitreCVELIST:CVE-2015-5622HistoryAug 03, 2015 - 2:00 p.m.
CVE-2015-5622
2015-08-0314:00:00
mitre
www.cve.org
2
0.004 Low
EPSS
Percentile
74.3%
Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php.
References
codex.wordpress.org/Version_4.2.3
openwall.com/lists/oss-security/2015/07/23/18
www.debian.org/security/2015/dsa-3328
www.debian.org/security/2015/dsa-3332
www.debian.org/security/2015/dsa-3383
www.securityfocus.com/bid/76011
www.securitytracker.com/id/1033037
core.trac.wordpress.org/changeset/33359
klikki.fi/adv/wordpress3.html
wordpress.org/news/2015/07/wordpress-4-2-3/
wpvulndb.com/vulnerabilities/8111
Related
prion
prion
Cross site scripting
2015-08-03 14:59:00
debian
debian
[SECURITY] [DSA 3332-2] wordpress regression update
2015-10-29 18:58:02
[SECURITY] [DSA 3332-2] wordpress regression update
2015-10-29 18:58:02
[SECURITY] [DSA 3328-2] wordpress regression update
2015-08-04 15:36:24
hackerone
hackerone
Automattic: [bbPress] Stored XSS in any forum post.
2016-07-13 12:38:02
nvd
nvd
CVE-2015-5622
2015-08-03 14:59:01
debiancve
debiancve
CVE-2015-5622
2015-08-03 14:59:01
ubuntucve
ubuntucve
CVE-2015-5622
2015-08-03 00:00:00
cve
cve
CVE-2015-5622
2015-08-03 14:59:01
freebsd
freebsd
wordpress -- XSS vulnerability
2015-07-23 00:00:00
nessus
nessus
WordPress < 3.7.9 / 3.8.9 / 3.9.7 / 4.1.6 / 4.2.3 Multiple Vulnerabilities
2015-07-29 00:00:00
Debian DSA-3328-1 : wordpress - security update
2015-08-13 00:00:00
wpvulndb
wpvulndb
WordPress <= 4.2.2 - Authenticated Stored Cross-Site Scripting (XSS)
2015-07-23 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0290)
2022-01-28 00:00:00
Debian Security Advisory DSA 3328-1 (wordpress - security update)
2015-08-04 00:00:00
Debian: Security Advisory (DSA-3328-1)
2015-08-03 00:00:00
wpexploit
wpexploit
WordPress <= 4.2.2 - Authenticated Stored Cross-Site Scripting (XSS)
2015-07-23 00:00:00
mageia
mageia
Updated wordpress package fixes security vulnerabilities
2015-07-27 21:54:19
securityvulns
securityvulns
[SECURITY] [DSA 3328-1] wordpress security update
2015-08-24 00:00:00
[SECURITY] [DSA 3332-1] wordpress security update
2015-08-24 00:00:00
WiFi Pineapple protection bypass
2015-08-24 00:00:00
osv
osv
wordpress - security update
2015-08-04 00:00:00
wordpress - security update
2015-08-19 00:00:00
wordpress - security update
2015-08-11 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: wordpress-4.2.4-1.fc22
2015-08-13 16:57:53
[SECURITY] Fedora 21 Update: wordpress-4.2.4-1.fc21
2015-08-13 16:54:48