Lucene search
FreeBSD043D3A78-F245-4938-9BC7-3D0D35DD94BFHistorySep 11, 2013 - 12:00 a.m.
wordpress -- multiple vulnerabilities
2013-09-1100:00:00
vuxml.freebsd.org
22
0.106 Low
EPSS
Percentile
95.0%
The wordpress development team reports:
Block unsafe PHP unserialization that could occur in limited
situations and setups, which can lead to remote code
execution.
Prevent a user with an Author role, using a specially crafted
request, from being able to create a post “written by” another
user.
Fix insufficient input validation that could result in
redirecting or leading a user to another website.
Additionally, we’ve adjusted security restrictions around file
uploads to mitigate the potential for cross-site scripting.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | zh-wordpress-zh_cn | < 3.6.1 | UNKNOWN |
| FreeBSD | any | noarch | zh-wordpress-zh_tw | < 3.6.1 | UNKNOWN |
| FreeBSD | any | noarch | de-wordpress | < 3.6.1 | UNKNOWN |
| FreeBSD | any | noarch | ja-wordpress | < 3.6.1 | UNKNOWN |
| FreeBSD | any | noarch | ru-wordpress | < 3.6.1 | UNKNOWN |
| FreeBSD | any | noarch | wordpress | < 3.6.1 | UNKNOWN |
Related
nessus
nessus
WordPress < 3.6.1 Multiple Vulnerabilities
2016-02-26 00:00:00
WordPress < 3.6.1 Multiple Vulnerabilities
2013-09-19 00:00:00
Debian DSA-2757-1 : wordpress - several vulnerabilities
2013-09-15 00:00:00
openvas
openvas
Debian Security Advisory DSA 2757-1 (wordpress - several vulnerabilities)
2013-09-14 00:00:00
Debian: Security Advisory (DSA-2757-1)
2013-09-13 00:00:00
Mageia: Security Advisory (MGASA-2013-0285)
2022-01-28 00:00:00
osv
osv
wordpress - several
2013-09-14 00:00:00
mageia
mageia
Updated wordpress and php-phpmailer packages fix security vulnerabilities
2013-09-19 13:45:04
debian
debian
[SECURITY] [DSA 2757-1] wordpress security update
2013-09-14 09:15:12
securityvulns
securityvulns
[ MDVSA-2013:239 ] wordpress
2013-10-02 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: wordpress-3.6.1-1.fc20
2013-09-26 06:04:23
[SECURITY] Fedora 19 Update: wordpress-3.6.1-1.fc19
2013-09-26 06:04:43
[SECURITY] Fedora 19 Update: wordpress-3.8.3-1.fc19
2014-04-24 07:28:27
ubuntucve
ubuntucve
wpvulndb
wpvulndb
WordPress 3.6 - HTML File Upload Cross-Site Scripting (XSS)
2014-08-01 00:00:00
WordPress 3.6 - SWF/EXE File Upload Cross-Site Scripting (XSS)
2014-08-01 00:00:00
WordPress 3.6 - Post Authorship Spoofing
2014-08-01 00:00:00
seebug
seebug
WordPress get_allowed_mime_types函数(wp-includes/functions.php)存在跨站脚本漏洞
2013-09-16 00:00:00
WordPress /wp-admin/includes/post.php user_ID 参数操作权限提升漏洞
2013-09-16 00:00:00
WordPress 'is_serialized()'远程任意代码执行漏洞(CVE-2013-4338)
2013-09-16 00:00:00
patchstack
patchstack
WordPress <= 3.6.0 - Cross Site Scripting #2
2013-09-11 00:00:00
WordPress <= 3.6.0 - Cross Site Scripting #1
2013-09-11 00:00:00
WordPress <= 3.6.0 - Privilege Escalation
2013-09-09 00:00:00
debiancve
debiancve
prion
prion
Cross site scripting
2013-09-12 13:30:00
Cross site scripting
2013-09-12 13:30:00
Code injection
2013-09-12 13:30:00
cvelist
cvelist
cve
cve
veracode
veracode
Privilege Escalation
2017-08-04 07:28:46