Lucene search
FreeBSDC80B27A2-3165-11E5-8A1D-14DAE9D210B8HistoryJul 23, 2015 - 12:00 a.m.
wordpress -- XSS vulnerability
2015-07-2300:00:00
vuxml.freebsd.org
12
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%
Gary Pendergast reports:
WordPress versions 4.2.2 and earlier are affected by a
cross-site scripting vulnerability, which could allow users with the
Contributor or Author role to compromise a site. This was reported by
Jon Cave and fixed by Robert Chapin, both of the WordPress security
team.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | wordpress | < 4.2.3,1 | UNKNOWN |
| FreeBSD | any | noarch | de-wordpress | < 4.2.3 | UNKNOWN |
| FreeBSD | any | noarch | ja-wordpress | < 4.2.3 | UNKNOWN |
| FreeBSD | any | noarch | ru-wordpress | < 4.2.3 | UNKNOWN |
| FreeBSD | any | noarch | zh-wordpress-zh_cn | < 4.2.3 | UNKNOWN |
| FreeBSD | any | noarch | zh-wordpress-zh_tw | < 4.2.3 | UNKNOWN |
Related
nessus
nessus
WordPress < 3.7.9 / 3.8.9 / 3.9.7 / 4.1.6 / 4.2.3 Multiple Vulnerabilities
2015-07-29 00:00:00
Debian DSA-3328-1 : wordpress - security update
2015-08-13 00:00:00
wpvulndb
wpvulndb
WordPress <= 4.2.2 - Authenticated Stored Cross-Site Scripting (XSS)
2015-07-23 00:00:00
wpexploit
wpexploit
WordPress <= 4.2.2 - Authenticated Stored Cross-Site Scripting (XSS)
2015-07-23 00:00:00
mageia
mageia
Updated wordpress package fixes security vulnerabilities
2015-07-27 21:54:19
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0290)
2022-01-28 00:00:00
Debian Security Advisory DSA 3328-1 (wordpress - security update)
2015-08-04 00:00:00
Debian: Security Advisory (DSA-3328-1)
2015-08-03 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3328-1] wordpress security update
2015-08-24 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2015-08-24 00:00:00
[SECURITY] [DSA 3332-1] wordpress security update
2015-08-24 00:00:00
debian
debian
[SECURITY] [DSA 3328-2] wordpress regression update
2015-08-04 15:36:24
[SECURITY] [DSA 3328-1] wordpress security update
2015-08-04 06:51:55
[SECURITY] [DSA 3332-2] wordpress regression update
2015-10-29 18:58:02
osv
osv
wordpress - security update
2015-08-04 00:00:00
wordpress - security update
2015-08-19 00:00:00
wordpress - regression update
2015-08-11 00:00:00
debiancve
debiancve
CVE-2015-5623
2015-08-03 14:59:00
CVE-2015-5622
2015-08-03 14:59:00
patchstack
patchstack
WordPress <= 4.2.2 - XSS
2015-07-23 00:00:00
cve
cve
prion
prion
Cross site scripting
2015-08-03 14:59:00
Design/Logic Flaw
2015-08-03 14:59:00
hackerone
hackerone
Automattic: [bbPress] Stored XSS in any forum post.
2016-07-13 12:38:02
veracode
veracode
Bypass Access Restrictions
2017-07-28 10:45:49
ubuntucve
ubuntucve
CVE-2015-5623
2015-08-03 00:00:00
CVE-2015-5622
2015-08-03 00:00:00
checkpoint_advisories
checkpoint_advisories
WordPress post Request Privilege Escalation (CVE-2015-2212; CVE-2015-5623)
2015-07-28 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: wordpress-4.2.4-1.fc22
2015-08-13 16:57:53
[SECURITY] Fedora 21 Update: wordpress-4.2.4-1.fc21
2015-08-13 16:54:48
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%
Related for C80B27A2-3165-11E5-8A1D-14DAE9D210B8