Search...

WordPress < 4.5.3 Multiple Vulnerabilities

2016-06-24T00:00:00

ID WORDPRESS_4_5_3.NASL
Type nessus
Reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-02T00:00:00

Description

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.5.3. It is, therefore, affected by the following vulnerabilities :

An unspecified flaw exists in the Customizer component that allows an unauthenticated, remote attacker to perform a redirect bypass.

Multiple cross-site scripting vulnerabilities exist due to improper validation of user-supplied input when handling attachment names. An unauthenticated, remote attacker can exploit these issues, via a specially crafted request, to execute arbitrary script code in a user's browser session.

An information disclosure vulnerability exists that allows an unauthenticated, remote attacker to disclose revision history.

An unspecified flaw exists in oEmbed that allows an unauthenticated, remote attacker to cause a denial of service condition.

An unspecified flaw exists that allows an unauthenticated, remote attacker to remove categories from posts.

An unspecified flaw exists that is triggered when handling stolen cookies. An unauthenticated, remote attacker can exploit this to change user passwords.

Multiple unspecified flaws exist in the sanitize_file_name() function that allow an unauthenticated, remote attacker to have an unspecified impact.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(91810);
  script_version("1.8");
  script_cvs_date("Date: 2019/11/14");

  script_cve_id(
    "CVE-2016-5832",
    "CVE-2016-5833",
    "CVE-2016-5834",
    "CVE-2016-5835",
    "CVE-2016-5836",
    "CVE-2016-5837",
    "CVE-2016-5838",
    "CVE-2016-5839"
  );
  script_bugtraq_id(
    91362,
    91363,
    91364,
    91365,
    91366,
    91367,
    91368
  );

  script_name(english:"WordPress &lt; 4.5.3 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of WordPress.");

  script_set_attribute(attribute:"synopsis", value:
"A PHP application running on the remote web server is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the WordPress
application running on the remote web server is prior to 4.5.3.
It is, therefore, affected by the following vulnerabilities :

  - An unspecified flaw exists in the Customizer component
    that allows an unauthenticated, remote attacker to
    perform a redirect bypass.

  - Multiple cross-site scripting vulnerabilities exist due
    to improper validation of user-supplied input when
    handling attachment names. An unauthenticated, remote
    attacker can exploit these issues, via a specially
    crafted request, to execute arbitrary script code in a
    user's browser session.

  - An information disclosure vulnerability exists that
    allows an unauthenticated, remote attacker to disclose
    revision history.

  - An unspecified flaw exists in oEmbed that allows an
    unauthenticated, remote attacker to cause a denial of
    service condition.

  - An unspecified flaw exists that allows an
    unauthenticated, remote attacker to remove categories
    from posts.

  - An unspecified flaw exists that is triggered when
    handling stolen cookies. An unauthenticated, remote
    attacker can exploit this to change user passwords.

  - Multiple unspecified flaws exist in the
    sanitize_file_name() function that allow an
    unauthenticated, remote attacker to have an unspecified
    impact.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://wordpress.org/news/2016/06/wordpress-4-5-3/");
  script_set_attribute(attribute:"solution", value:
"Upgrade to WordPress version 4.5.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5839");

  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/06/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/24");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:wordpress:wordpress");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("wordpress_detect.nasl");
  script_require_keys("www/PHP", "installed_sw/WordPress", "Settings/ParanoidReport");
  script_require_ports("Services/www", 80, 443);

  exit(0);
}

include("vcf.inc");
include("http.inc");

if (report_paranoia &lt; 2) audit(AUDIT_PARANOID);

app = "WordPress";
port = get_http_port(default:80, php:TRUE);

app_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);
vcf::check_granularity(app_info:app_info, sig_segments:2);

constraints = [
  { "fixed_version":"3.7.15", "fixed_display" : "3.7.15 / 4.5.3" },
  { "min_version":"3.8", "fixed_version":"3.8.15", "fixed_display" : "3.8.15 / 4.5.3" },
  { "min_version":"3.9", "fixed_version":"3.9.13", "fixed_display" : "3.9.13 / 4.5.3" },
  { "min_version":"4.0", "fixed_version":"4.0.12", "fixed_display" : "4.0.12 / 4.5.3" },
  { "min_version":"4.1", "fixed_version":"4.1.12", "fixed_display" : "4.1.12 / 4.5.3" },
  { "min_version":"4.2", "fixed_version":"4.2.9", "fixed_display" : "4.2.9 / 4.5.3" },
  { "min_version":"4.3", "fixed_version":"4.3.5", "fixed_display" : "4.3.5 / 4.5.3" },
  { "min_version":"4.4", "fixed_version":"4.4.4", "fixed_display" : "4.4.4 / 4.5.3" },
  { "min_version":"4.5", "fixed_version":"4.5.3", "fixed_display" : "4.5.3" }
];

vcf::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING,
  flags:{xss:TRUE}
);

JSON Vulners Source

Initial Source

{"id": "WORDPRESS_4_5_3.NASL", "bulletinFamily": "scanner", "title": "WordPress < 4.5.3 Multiple Vulnerabilities", "description": "According to its self-reported version number, the WordPress\napplication running on the remote web server is prior to 4.5.3.\nIt is, therefore, affected by the following vulnerabilities :\n\n - An unspecified flaw exists in the Customizer component\n that allows an unauthenticated, remote attacker to\n perform a redirect bypass.\n\n - Multiple cross-site scripting vulnerabilities exist due\n to improper validation of user-supplied input when\n handling attachment names. An unauthenticated, remote\n attacker can exploit these issues, via a specially\n crafted request, to execute arbitrary script code in a\n user's browser session.\n\n - An information disclosure vulnerability exists that\n allows an unauthenticated, remote attacker to disclose\n revision history.\n\n - An unspecified flaw exists in oEmbed that allows an\n unauthenticated, remote attacker to cause a denial of\n service condition.\n\n - An unspecified flaw exists that allows an\n unauthenticated, remote attacker to remove categories\n from posts.\n\n - An unspecified flaw exists that is triggered when\n handling stolen cookies. An unauthenticated, remote\n attacker can exploit this to change user passwords.\n\n - Multiple unspecified flaws exist in the\n sanitize_file_name() function that allow an\n unauthenticated, remote attacker to have an unspecified\n impact.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "published": "2016-06-24T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/91810", "reporter": "This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://wordpress.org/news/2016/06/wordpress-4-5-3/"], "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "type": "nessus", "lastseen": "2021-01-01T07:01:01", "edition": 27, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310808518", "OPENVAS:1361412562310808532", "OPENVAS:1361412562310891452", "OPENVAS:1361412562310703639", "OPENVAS:1361412562310808256", "OPENVAS:1361412562310808525", "OPENVAS:703639", "OPENVAS:1361412562310808255"]}, {"type": "freebsd", "idList": ["BFCC23B6-3B27-11E6-8E82-002590263BF5"]}, {"type": "nessus", "idList": ["FEDORA_2016-A5E392EF01.NASL", "FEDORA_2016-4573F8C9BA.NASL", "FEDORA_2016-7DB496F6F2.NASL", "FREEBSD_PKG_BFCC23B63B2711E68E82002590263BF5.NASL", "DEBIAN_DLA-633.NASL", "DEBIAN_DSA-3639.NASL", "DEBIAN_DLA-1452.NASL", "DEBIAN_DLA-568.NASL"]}, {"type": "fedora", "idList": ["FEDORA:5C8BB6087EF1", "FEDORA:D32706085AE8", "FEDORA:7F46C608A48B"]}, {"type": "debian", "idList": ["DEBIAN:DLA-568-1:8D4E9", "DEBIAN:DLA-1452-1:B62B2", "DEBIAN:DSA-3639-1:BF1EF", "DEBIAN:DLA-633-1:0192E"]}, {"type": "cve", "idList": ["CVE-2016-5832", "CVE-2016-5839", "CVE-2016-5836", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5833", "CVE-2016-5838", "CVE-2016-5835"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:8522", "WPVDB-ID:8518", "WPVDB-ID:8519", "WPVDB-ID:8524", "WPVDB-ID:8523", "WPVDB-ID:8520"]}], "modified": "2021-01-01T07:01:01", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2021-01-01T07:01:01", "rev": 2}, "vulnersScore": 6.3}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91810);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\n \"CVE-2016-5832\",\n \"CVE-2016-5833\",\n \"CVE-2016-5834\",\n \"CVE-2016-5835\",\n \"CVE-2016-5836\",\n \"CVE-2016-5837\",\n \"CVE-2016-5838\",\n \"CVE-2016-5839\"\n );\n script_bugtraq_id(\n 91362,\n 91363,\n 91364,\n 91365,\n 91366,\n 91367,\n 91368\n );\n\n script_name(english:\"WordPress < 4.5.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of WordPress.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the WordPress\napplication running on the remote web server is prior to 4.5.3.\nIt is, therefore, affected by the following vulnerabilities :\n\n - An unspecified flaw exists in the Customizer component\n that allows an unauthenticated, remote attacker to\n perform a redirect bypass.\n\n - Multiple cross-site scripting vulnerabilities exist due\n to improper validation of user-supplied input when\n handling attachment names. An unauthenticated, remote\n attacker can exploit these issues, via a specially\n crafted request, to execute arbitrary script code in a\n user's browser session.\n\n - An information disclosure vulnerability exists that\n allows an unauthenticated, remote attacker to disclose\n revision history.\n\n - An unspecified flaw exists in oEmbed that allows an\n unauthenticated, remote attacker to cause a denial of\n service condition.\n\n - An unspecified flaw exists that allows an\n unauthenticated, remote attacker to remove categories\n from posts.\n\n - An unspecified flaw exists that is triggered when\n handling stolen cookies. An unauthenticated, remote\n attacker can exploit this to change user passwords.\n\n - Multiple unspecified flaws exist in the\n sanitize_file_name() function that allow an\n unauthenticated, remote attacker to have an unspecified\n impact.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/news/2016/06/wordpress-4-5-3/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WordPress version 4.5.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-5839\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wordpress:wordpress\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wordpress_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/WordPress\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\ninclude(\"http.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = \"WordPress\";\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { \"fixed_version\":\"3.7.15\", \"fixed_display\" : \"3.7.15 / 4.5.3\" },\n { \"min_version\":\"3.8\", \"fixed_version\":\"3.8.15\", \"fixed_display\" : \"3.8.15 / 4.5.3\" },\n { \"min_version\":\"3.9\", \"fixed_version\":\"3.9.13\", \"fixed_display\" : \"3.9.13 / 4.5.3\" },\n { \"min_version\":\"4.0\", \"fixed_version\":\"4.0.12\", \"fixed_display\" : \"4.0.12 / 4.5.3\" },\n { \"min_version\":\"4.1\", \"fixed_version\":\"4.1.12\", \"fixed_display\" : \"4.1.12 / 4.5.3\" },\n { \"min_version\":\"4.2\", \"fixed_version\":\"4.2.9\", \"fixed_display\" : \"4.2.9 / 4.5.3\" },\n { \"min_version\":\"4.3\", \"fixed_version\":\"4.3.5\", \"fixed_display\" : \"4.3.5 / 4.5.3\" },\n { \"min_version\":\"4.4\", \"fixed_version\":\"4.4.4\", \"fixed_display\" : \"4.4.4 / 4.5.3\" },\n { \"min_version\":\"4.5\", \"fixed_version\":\"4.5.3\", \"fixed_display\" : \"4.5.3\" }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING,\n flags:{xss:TRUE}\n);\n", "naslFamily": "CGI abuses", "pluginID": "91810", "cpe": ["cpe:/a:wordpress:wordpress"], "scheme": null, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}}

{"openvas": [{"lastseen": "2019-05-29T18:35:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-02T00:00:00", "id": "OPENVAS:1361412562310808525", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808525", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2016-4573f8c9ba", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2016-4573f8c9ba\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808525\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-02 06:38:49 +0200 (Sat, 02 Jul 2016)\");\n script_cve_id(\"CVE-2016-5832\", \"CVE-2016-5833\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5836\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wordpress FEDORA-2016-4573f8c9ba\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-4573f8c9ba\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SRCP72QADSDM2BJHXIKMWBXOOHGU5WLD\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~4.5.3~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-02T00:00:00", "id": "OPENVAS:1361412562310808532", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808532", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2016-7db496f6f2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2016-7db496f6f2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808532\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-02 06:38:25 +0200 (Sat, 02 Jul 2016)\");\n script_cve_id(\"CVE-2016-5832\", \"CVE-2016-5833\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5836\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wordpress FEDORA-2016-7db496f6f2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7db496f6f2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XENPUCHJN6XX7W52RUCCLWJJ34KX65X5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~4.5.3~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-14T16:23:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "description": "This host is running WordPress and is prone\n to multiple vulnerabilities.", "modified": "2019-11-12T00:00:00", "published": "2016-07-20T00:00:00", "id": "OPENVAS:1361412562310808255", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808255", "type": "openvas", "title": "WordPress Multiple Vulnerabilities July16 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# WordPress Multiple Vulnerabilities July16 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wordpress:wordpress\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808255\");\n script_version(\"2019-11-12T13:33:43+0000\");\n script_cve_id(\"CVE-2016-5832\", \"CVE-2016-5833\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5836\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_bugtraq_id(91362, 91368, 91366, 91363, 91365, 91367, 91364);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:33:43 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-07-20 15:37:55 +0530 (Wed, 20 Jul 2016)\");\n script_name(\"WordPress Multiple Vulnerabilities July16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running WordPress and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An insufficient validation of user supplied input via attachment name in\n the column_title function in 'wp-admin/includes/class-wp-media-list-table.php'\n script.\n\n - An error related to 'wp-admin/includes/ajax-actions.php' and\n 'wp-admin/revision.php' scripts.\n\n - An error in customizer.\n\n - An insufficient validation of user supplied input via attachment name in\n the wp_get_attachment_link function in 'wp-includes/post-template.php'\n script.\n\n - An error in 'oEmbed' protocol implementation.\n\n - Other multiple unspecified errors.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attacker to inject arbitrary web script or HTML, obtain sensitive\n information, bypass intended redirection restrictions, cause a denial\n of service and bypass intended password-change restrictions.\");\n\n script_tag(name:\"affected\", value:\"WordPress versions prior to 4.5.3 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Update to WordPress version 4.5.3 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"https://wordpress.org/news/2016/06/wordpress-4-5-3\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"os_detection.nasl\", \"secpod_wordpress_detect_900182.nasl\");\n script_mandatory_keys(\"wordpress/installed\", \"Host/runs_windows\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!wpPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!wpVer = get_app_version(cpe:CPE, port:wpPort)){\n exit(0);\n}\n\nif(version_is_less(version:wpVer, test_version:\"4.5.3\"))\n{\n report = report_fixed_ver(installed_version:wpVer, fixed_version:\"4.5.3\");\n security_message(data:report, port:wpPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-14T16:24:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "description": "This host is running WordPress and is prone\n to multiple vulnerabilities.", "modified": "2019-11-12T00:00:00", "published": "2016-07-20T00:00:00", "id": "OPENVAS:1361412562310808256", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808256", "type": "openvas", "title": "WordPress Multiple Vulnerabilities July16 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# WordPress Multiple Vulnerabilities July16 (Linux)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:wordpress:wordpress\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808256\");\n script_version(\"2019-11-12T13:33:43+0000\");\n script_cve_id(\"CVE-2016-5832\", \"CVE-2016-5833\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5836\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_bugtraq_id(91362, 91368, 91366, 91363, 91365, 91367, 91364);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:33:43 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-07-20 15:37:55 +0530 (Wed, 20 Jul 2016)\");\n script_name(\"WordPress Multiple Vulnerabilities July16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running WordPress and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An insufficient validation of user supplied input via attachment name in\n the column_title function in 'wp-admin/includes/class-wp-media-list-table.php'\n script.\n\n - An error related to 'wp-admin/includes/ajax-actions.php' and\n 'wp-admin/revision.php' scripts.\n\n - An error in customizer.\n\n - An insufficient validation of user supplied input via attachment name in\n the wp_get_attachment_link function in 'wp-includes/post-template.php'\n script.\n\n - An error in 'oEmbed' protocol implementation.\n\n - Other multiple unspecified errors.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allow\n remote attacker to inject arbitrary web script or HTML, obtain sensitive\n information, bypass intended redirection restrictions, cause a denial\n of service and bypass intended password-change restrictions.\");\n\n script_tag(name:\"affected\", value:\"WordPress versions prior to 4.5.3 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Update to WordPress version 4.5.3 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"https://wordpress.org/news/2016/06/wordpress-4-5-3\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"os_detection.nasl\", \"secpod_wordpress_detect_900182.nasl\");\n script_mandatory_keys(\"wordpress/installed\", \"Host/runs_unixoide\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!wpPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!wpVer = get_app_version(cpe:CPE, port:wpPort)){\n exit(0);\n}\n\nif(version_is_less(version:wpVer, test_version:\"4.5.3\"))\n{\n report = report_fixed_ver(installed_version:wpVer, fixed_version:\"4.5.3\");\n security_message(data:report, port:wpPort);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-02T00:00:00", "id": "OPENVAS:1361412562310808518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808518", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2016-a5e392ef01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2016-a5e392ef01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808518\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-02 06:38:33 +0200 (Sat, 02 Jul 2016)\");\n script_cve_id(\"CVE-2016-5832\", \"CVE-2016-5833\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5836\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for wordpress FEDORA-2016-a5e392ef01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-a5e392ef01\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLCLYJ46QFB2XG5BMVN7J5ZEGCPQ4BUQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~4.5.3~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:34:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5835", "CVE-2015-8834"], "description": "Several vulnerabilities were discovered\nin wordpress, a web blogging tool, which could allow remote attackers to compromise\na site via cross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.", "modified": "2019-03-18T00:00:00", "published": "2016-08-04T00:00:00", "id": "OPENVAS:1361412562310703639", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703639", "type": "openvas", "title": "Debian Security Advisory DSA 3639-1 (wordpress - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3639.nasl 3798 2016-08-04 11:01:10Z antu123 $\n# Auto-generated from advisory DSA 3639-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703639\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2015-8834\", \"CVE-2016-5832\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_name(\"Debian Security Advisory DSA 3639-1 (wordpress - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 16:27:41 +0530 (Thu, 04 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3639.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"wordpress on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 4.1+dfsg-1+deb8u9.\n\nWe recommend that you upgrade your wordpress packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered\nin wordpress, a web blogging tool, which could allow remote attackers to compromise\na site via cross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"wordpress\", ver:\"4.1+dfsg-1+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"4.1+dfsg-1+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-theme-twentyfifteen\", ver:\"4.1+dfsg-1+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-theme-twentyfourteen\", ver:\"4.1+dfsg-1+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-theme-twentythirteen\", ver:\"4.1+dfsg-1+deb8u9\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:54:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5835", "CVE-2015-8834"], "description": "Several vulnerabilities were discovered\nin wordpress, a web blogging tool, which could allow remote attackers to compromise\na site via cross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.", "modified": "2017-07-07T00:00:00", "published": "2016-08-04T00:00:00", "id": "OPENVAS:703639", "href": "http://plugins.openvas.org/nasl.php?oid=703639", "type": "openvas", "title": "Debian Security Advisory DSA 3639-1 (wordpress - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3639.nasl 3798 2016-08-04 11:01:10Z antu123 $\n# Auto-generated from advisory DSA 3639-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703639);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2015-8834\", \"CVE-2016-5832\", \"CVE-2016-5834\", \"CVE-2016-5835\",\n \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_name(\"Debian Security Advisory DSA 3639-1 (wordpress - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-04 16:27:41 +0530 (Thu, 04 Aug 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3639.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"wordpress on Debian Linux\");\n script_tag(name: \"insight\", value: \"WordPress is a full featured web\nblogging tool:\n\n* Instant publishing (no rebuilding)\n* Comment pingback support with spam protection\n* Non-crufty URLs\n* Themable\n* Plugin support\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 4.1+dfsg-1+deb8u9.\n\nWe recommend that you upgrade your wordpress packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were discovered\nin wordpress, a web blogging tool, which could allow remote attackers to compromise\na site via cross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"4.1+dfsg-1+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"4.1+dfsg-1+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-theme-twentyfifteen\", ver:\"4.1+dfsg-1+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-theme-twentyfourteen\", ver:\"4.1+dfsg-1+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-theme-twentythirteen\", ver:\"4.1+dfsg-1+deb8u9\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-01-29T20:09:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5836", "CVE-2018-12895"], "description": "Two vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5836\n\nThe oEmbed protocol implementation in WordPress before 4.5.3 allows\nremote attackers to cause a denial of service via unspecified\nvectors.\n\nCVE-2018-12895\n\nA vulnerability was discovered in Wordpress, a web blogging tool. It\nallowed remote attackers with specific roles to execute arbitrary\ncode.", "modified": "2020-01-29T00:00:00", "published": "2018-07-30T00:00:00", "id": "OPENVAS:1361412562310891452", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891452", "type": "openvas", "title": "Debian LTS: Security Advisory for wordpress (DLA-1452-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891452\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2016-5836\", \"CVE-2018-12895\");\n script_name(\"Debian LTS: Security Advisory for wordpress (DLA-1452-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-30 00:00:00 +0200 (Mon, 30 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00046.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"wordpress on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.1+dfsg-1+deb8u18.\n\nWe recommend that you upgrade your wordpress packages.\");\n\n script_tag(name:\"summary\", value:\"Two vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5836\n\nThe oEmbed protocol implementation in WordPress before 4.5.3 allows\nremote attackers to cause a denial of service via unspecified\nvectors.\n\nCVE-2018-12895\n\nA vulnerability was discovered in Wordpress, a web blogging tool. It\nallowed remote attackers with specific roles to execute arbitrary\ncode.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"wordpress\", ver:\"4.1+dfsg-1+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"4.1+dfsg-1+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wordpress-theme-twentyfifteen\", ver:\"4.1+dfsg-1+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wordpress-theme-twentyfourteen\", ver:\"4.1+dfsg-1+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"wordpress-theme-twentythirteen\", ver:\"4.1+dfsg-1+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:40", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "description": "\nAdam Silverstein reports:\n\nWordPress 4.5.3 is now available. This is a security release for\n\t all previous versions and we strongly encourage you to update your\n\t sites immediately.\nWordPress versions 4.5.2 and earlier are affected by several\n\t security issues: redirect bypass in the customizer, reported by\n\t Yassine Aboukir; two different XSS problems via attachment names,\n\t reported by Jouko Pynn\u00c3\u00b6nenand Divyesh Prajapati; revision history\n\t information disclosure, reported independently by John Blackbourn\n\t from the WordPress security team and by Dan Moen from the Wordfence\n\t Research Team; oEmbed denial of service reported by Jennifer Dodd\n\t from Automattic; unauthorized category removal from a post, reported\n\t by David Herrera from Alley Interactive; password change via stolen\n\t cookie, reported by Michael Adams from the WordPress security team;\n\t and some less secure sanitize_file_name edge cases reported by Peter\n\t Westwood of the WordPress security team.\n\n", "edition": 4, "modified": "2016-06-18T00:00:00", "published": "2016-06-18T00:00:00", "id": "BFCC23B6-3B27-11E6-8E82-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html", "title": "wordpress -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-06T10:57:50", "description": "Adam Silverstein reports :\n\nWordPress 4.5.3 is now available. This is a security release for all\nprevious versions and we strongly encourage you to update your sites\nimmediately.\n\nWordPress versions 4.5.2 and earlier are affected by several security\nissues: redirect bypass in the customizer, reported by Yassine\nAboukir; two different XSS problems via attachment names, reported by\nJouko Pynnonenand Divyesh Prajapati; revision history information\ndisclosure, reported independently by John Blackbourn from the\nWordPress security team and by Dan Moen from the Wordfence Research\nTeam; oEmbed denial of service reported by Jennifer Dodd from\nAutomattic; unauthorized category removal from a post, reported by\nDavid Herrera from Alley Interactive; password change via stolen\ncookie, reported by Michael Adams from the WordPress security team;\nand some less secure sanitize_file_name edge cases reported by Peter\nWestwood of the WordPress security team.", "edition": 26, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-06-27T00:00:00", "title": "FreeBSD : wordpress -- multiple vulnerabilities (bfcc23b6-3b27-11e6-8e82-002590263bf5)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5836", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5833"], "modified": "2016-06-27T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ru-wordpress", "p-cpe:/a:freebsd:freebsd:ja-wordpress", "p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_TW", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:de-wordpress", "p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_CN", "p-cpe:/a:freebsd:freebsd:wordpress"], "id": "FREEBSD_PKG_BFCC23B63B2711E68E82002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/91840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91840);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5832\", \"CVE-2016-5833\", \"CVE-2016-5834\", \"CVE-2016-5835\", \"CVE-2016-5836\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n\n script_name(english:\"FreeBSD : wordpress -- multiple vulnerabilities (bfcc23b6-3b27-11e6-8e82-002590263bf5)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adam Silverstein reports :\n\nWordPress 4.5.3 is now available. This is a security release for all\nprevious versions and we strongly encourage you to update your sites\nimmediately.\n\nWordPress versions 4.5.2 and earlier are affected by several security\nissues: redirect bypass in the customizer, reported by Yassine\nAboukir; two different XSS problems via attachment names, reported by\nJouko Pynnonenand Divyesh Prajapati; revision history information\ndisclosure, reported independently by John Blackbourn from the\nWordPress security team and by Dan Moen from the Wordfence Research\nTeam; oEmbed denial of service reported by Jennifer Dodd from\nAutomattic; unauthorized category removal from a post, reported by\nDavid Herrera from Alley Interactive; password change via stolen\ncookie, reported by Michael Adams from the WordPress security team;\nand some less secure sanitize_file_name edge cases reported by Peter\nWestwood of the WordPress security team.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210581\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wordpress.org/news/2016/06/wordpress-4-5-3/\"\n );\n # http://www.openwall.com/lists/oss-security/2016/06/23/9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openwall.com/lists/oss-security/2016/06/23/9\"\n );\n # https://vuxml.freebsd.org/freebsd/bfcc23b6-3b27-11e6-8e82-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e56b3db1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:de-wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ru-wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"wordpress<4.5.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"de-wordpress<4.5.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-wordpress<4.5.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ru-wordpress<4.5.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zh-wordpress-zh_CN<4.5.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zh-wordpress-zh_TW<4.5.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T09:49:44", "description": "Several vulnerabilities were discovered in wordpress, a web blogging\ntool, which could allow remote attackers to compromise a site via\ncross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.", "edition": 24, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-08-04T00:00:00", "title": "Debian DSA-3639-1 : wordpress - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5835", "CVE-2015-8834"], "modified": "2016-08-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wordpress", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3639.NASL", "href": "https://www.tenable.com/plugins/nessus/92706", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3639. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92706);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8834\", \"CVE-2016-5832\", \"CVE-2016-5834\", \"CVE-2016-5835\", \"CVE-2016-5837\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n script_xref(name:\"DSA\", value:\"3639\");\n\n script_name(english:\"Debian DSA-3639-1 : wordpress - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in wordpress, a web blogging\ntool, which could allow remote attackers to compromise a site via\ncross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3639\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wordpress packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 4.1+dfsg-1+deb8u9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"wordpress\", reference:\"4.1+dfsg-1+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-l10n\", reference:\"4.1+dfsg-1+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentyfifteen\", reference:\"4.1+dfsg-1+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentyfourteen\", reference:\"4.1+dfsg-1+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentythirteen\", reference:\"4.1+dfsg-1+deb8u9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T09:43:55", "description": "Several vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5387 WordPress allows remote attackers to bypass intended\naccess restrictions and remove a category attribute from a post via\nunspecified vectors.\n\nCVE-2016-5832 The customizer in WordPress allows remote attackers to\nbypass intended redirection restrictions via unspecified vectors.\n\nCVE-2016-5834 Cross-site scripting (XSS) vulnerability in the\nwp_get_attachment_link function in wp-includes/post- template.php in\nWordPress allows remote attackers to inject arbitrary web script or\nHTML via a crafted attachment name.\n\nCVE-2016-5835 WordPress allows remote attackers to obtain sensitive\nrevision-history information by leveraging the ability to read a post\nrelated to wp-admin/includes/ajax-actions.php and\nwp-admin/revision.php.\n\nCVE-2016-5838 WordPress allows remote attackers to bypass intended\npassword- change restrictions by leveraging knowledge of a cookie.\n\nCVE-2016-5839 WordPress allows remote attackers to bypass the\nsanitize_file_name protection mechanism via unspecified vectors.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.6.1+dfsg-1~deb7u11.\n\nWe recommend that you upgrade your wordpress packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 20, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-08-01T00:00:00", "title": "Debian DLA-568-1 : wordpress security update (httpoxy)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5387"], "modified": "2016-08-01T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wordpress", "p-cpe:/a:debian:debian_linux:wordpress-l10n", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-568.NASL", "href": "https://www.tenable.com/plugins/nessus/92632", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-568-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92632);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5387\", \"CVE-2016-5832\", \"CVE-2016-5834\", \"CVE-2016-5835\", \"CVE-2016-5838\", \"CVE-2016-5839\");\n\n script_name(english:\"Debian DLA-568-1 : wordpress security update (httpoxy)\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5387 WordPress allows remote attackers to bypass intended\naccess restrictions and remove a category attribute from a post via\nunspecified vectors.\n\nCVE-2016-5832 The customizer in WordPress allows remote attackers to\nbypass intended redirection restrictions via unspecified vectors.\n\nCVE-2016-5834 Cross-site scripting (XSS) vulnerability in the\nwp_get_attachment_link function in wp-includes/post- template.php in\nWordPress allows remote attackers to inject arbitrary web script or\nHTML via a crafted attachment name.\n\nCVE-2016-5835 WordPress allows remote attackers to obtain sensitive\nrevision-history information by leveraging the ability to read a post\nrelated to wp-admin/includes/ajax-actions.php and\nwp-admin/revision.php.\n\nCVE-2016-5838 WordPress allows remote attackers to bypass intended\npassword- change restrictions by leveraging knowledge of a cookie.\n\nCVE-2016-5839 WordPress allows remote attackers to bypass the\nsanitize_file_name protection mechanism via unspecified vectors.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.6.1+dfsg-1~deb7u11.\n\nWe recommend that you upgrade your wordpress packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/07/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected wordpress, and wordpress-l10n packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/29\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb7u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:14:13", "description": "See upstream announcement [WordPress 4.5.3 Maintenance and Security\nRelease](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/)\n\nPackaging changes :\n\n - provide nginx configuration (fedora)\n\n - drop mandatory dependency on httpd (suggested) #1336091\n\n - protect php files in uploads directory\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-07-15T00:00:00", "title": "Fedora 22 : wordpress (2016-4573f8c9ba)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5832"], "modified": "2016-07-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wordpress", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-4573F8C9BA.NASL", "href": "https://www.tenable.com/plugins/nessus/92247", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-4573f8c9ba.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92247);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5832\");\n script_xref(name:\"FEDORA\", value:\"2016-4573f8c9ba\");\n\n script_name(english:\"Fedora 22 : wordpress (2016-4573f8c9ba)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"See upstream announcement [WordPress 4.5.3 Maintenance and Security\nRelease](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/)\n\nPackaging changes :\n\n - provide nginx configuration (fedora)\n\n - drop mandatory dependency on httpd (suggested) #1336091\n\n - protect php files in uploads directory\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-4573f8c9ba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"wordpress-4.5.3-1.fc22\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:14:26", "description": "See upstream announcement [WordPress 4.5.3 Maintenance and Security\nRelease](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/)\n\nPackaging changes :\n\n - provide nginx configuration (fedora)\n\n - drop mandatory dependency on httpd (suggested) #1336091\n\n - protect php files in uploads directory\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-07-15T00:00:00", "title": "Fedora 24 : wordpress (2016-7db496f6f2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5832"], "modified": "2016-07-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wordpress", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-7DB496F6F2.NASL", "href": "https://www.tenable.com/plugins/nessus/92260", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-7db496f6f2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92260);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5832\");\n script_xref(name:\"FEDORA\", value:\"2016-7db496f6f2\");\n\n script_name(english:\"Fedora 24 : wordpress (2016-7db496f6f2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"See upstream announcement [WordPress 4.5.3 Maintenance and Security\nRelease](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/)\n\nPackaging changes :\n\n - provide nginx configuration (fedora)\n\n - drop mandatory dependency on httpd (suggested) #1336091\n\n - protect php files in uploads directory\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7db496f6f2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"wordpress-4.5.3-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:14:37", "description": "See upstream announcement [WordPress 4.5.3 Maintenance and Security\nRelease](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/)\n\nPackaging changes :\n\n - provide nginx configuration (fedora)\n\n - drop mandatory dependency on httpd (suggested) #1336091\n\n - protect php files in uploads directory\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2016-07-15T00:00:00", "title": "Fedora 23 : wordpress (2016-a5e392ef01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5832"], "modified": "2016-07-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:wordpress", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-A5E392EF01.NASL", "href": "https://www.tenable.com/plugins/nessus/92276", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-a5e392ef01.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92276);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5832\");\n script_xref(name:\"FEDORA\", value:\"2016-a5e392ef01\");\n\n script_name(english:\"Fedora 23 : wordpress (2016-a5e392ef01)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"See upstream announcement [WordPress 4.5.3 Maintenance and Security\nRelease](ttps://wordpress.org/news/2016/06/wordpress-4-5-3/)\n\nPackaging changes :\n\n - provide nginx configuration (fedora)\n\n - drop mandatory dependency on httpd (suggested) #1336091\n\n - protect php files in uploads directory\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5e392ef01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"wordpress-4.5.3-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T09:39:39", "description": "Two vulnerabilities were discovered in wordpress, a web blogging tool.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5836\n\nThe oEmbed protocol implementation in WordPress before 4.5.3 allows\nremote attackers to cause a denial of service via unspecified vectors.\n\nCVE-2018-12895\n\nA vulnerability was discovered in Wordpress, a web blogging tool. It\nallowed remote attackers with specific roles to execute arbitrary\ncode.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.1+dfsg-1+deb8u18.\n\nWe recommend that you upgrade your wordpress packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 22, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-07-30T00:00:00", "title": "Debian DLA-1452-1 : wordpress security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-5836", "CVE-2018-12895"], "modified": "2018-07-30T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wordpress-theme-twentythirteen", "p-cpe:/a:debian:debian_linux:wordpress", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:wordpress-theme-twentyfourteen", "p-cpe:/a:debian:debian_linux:wordpress-l10n", "p-cpe:/a:debian:debian_linux:wordpress-theme-twentyfifteen"], "id": "DEBIAN_DLA-1452.NASL", "href": "https://www.tenable.com/plugins/nessus/111393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1452-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111393);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5836\", \"CVE-2018-12895\");\n\n script_name(english:\"Debian DLA-1452-1 : wordpress security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in wordpress, a web blogging tool.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5836\n\nThe oEmbed protocol implementation in WordPress before 4.5.3 allows\nremote attackers to cause a denial of service via unspecified vectors.\n\nCVE-2018-12895\n\nA vulnerability was discovered in Wordpress, a web blogging tool. It\nallowed remote attackers with specific roles to execute arbitrary\ncode.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.1+dfsg-1+deb8u18.\n\nWe recommend that you upgrade your wordpress packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/07/msg00046.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/wordpress\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:X\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-theme-twentyfifteen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-theme-twentyfourteen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-theme-twentythirteen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"wordpress\", reference:\"4.1+dfsg-1+deb8u18\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-l10n\", reference:\"4.1+dfsg-1+deb8u18\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentyfifteen\", reference:\"4.1+dfsg-1+deb8u18\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentyfourteen\", reference:\"4.1+dfsg-1+deb8u18\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"wordpress-theme-twentythirteen\", reference:\"4.1+dfsg-1+deb8u18\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:43:59", "description": "Several vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2015-8834: Cross-site scripting (XSS) vulnerability in\nwp-includes/wp-db.php in WordPress before 4.2.2 allows remote\nattackers to inject arbitrary web script or HTML via a long comment\nthat is improperly stored because of limitations on the MySQL TEXT\ndata type. NOTE: this vulnerability exists because of an incomplete\nfix for CVE-2015-3440\n\nCVE-2016-4029: WordPress before 4.5 does not consider octal and\nhexadecimal IP address formats when determining an intranet address,\nwhich allows remote attackers to bypass an intended SSRF protection\nmechanism via a crafted address.\n\nCVE-2016-5836: The oEmbed protocol implementation in WordPress before\n4.5.3 allows remote attackers to cause a denial of service via\nunspecified vectors.\n\nCVE-2016-6634: Cross-site scripting (XSS) vulnerability in the network\nsettings page in WordPress before 4.5 allows remote attackers to\ninject arbitrary web script or HTML via unspecified vectors.\n\nCVE-2016-6635: Cross-site request forgery (CSRF) vulnerability in the\nwp_ajax_wp_compression_test function in wp-admin/includes/ajax-\nactions.php in WordPress before 4.5 allows remote attackers to hijack\nthe authentication of administrators for requests that change the\nscript compression option.\n\nCVE-2016-7168: Fix a cross-site scripting vulnerability via image\nfilename.\n\nCVE-2016-7169: Fix a path traversal vulnerability in the upgrade\npackage uploader.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.6.1+dfsg-1~deb7u12.\n\nWe recommend that you upgrade your wordpress packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 20, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-09-23T00:00:00", "title": "Debian DLA-633-1 : wordpress security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6635", "CVE-2016-7168", "CVE-2016-5836", "CVE-2016-4029", "CVE-2015-8834", "CVE-2015-3440", "CVE-2016-7169", "CVE-2016-6634"], "modified": "2016-09-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:wordpress", "p-cpe:/a:debian:debian_linux:wordpress-l10n", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-633.NASL", "href": "https://www.tenable.com/plugins/nessus/93667", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-633-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93667);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8834\", \"CVE-2016-4029\", \"CVE-2016-5836\", \"CVE-2016-6634\", \"CVE-2016-6635\", \"CVE-2016-7168\", \"CVE-2016-7169\");\n\n script_name(english:\"Debian DLA-633-1 : wordpress security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2015-8834: Cross-site scripting (XSS) vulnerability in\nwp-includes/wp-db.php in WordPress before 4.2.2 allows remote\nattackers to inject arbitrary web script or HTML via a long comment\nthat is improperly stored because of limitations on the MySQL TEXT\ndata type. NOTE: this vulnerability exists because of an incomplete\nfix for CVE-2015-3440\n\nCVE-2016-4029: WordPress before 4.5 does not consider octal and\nhexadecimal IP address formats when determining an intranet address,\nwhich allows remote attackers to bypass an intended SSRF protection\nmechanism via a crafted address.\n\nCVE-2016-5836: The oEmbed protocol implementation in WordPress before\n4.5.3 allows remote attackers to cause a denial of service via\nunspecified vectors.\n\nCVE-2016-6634: Cross-site scripting (XSS) vulnerability in the network\nsettings page in WordPress before 4.5 allows remote attackers to\ninject arbitrary web script or HTML via unspecified vectors.\n\nCVE-2016-6635: Cross-site request forgery (CSRF) vulnerability in the\nwp_ajax_wp_compression_test function in wp-admin/includes/ajax-\nactions.php in WordPress before 4.5 allows remote attackers to hijack\nthe authentication of administrators for requests that change the\nscript compression option.\n\nCVE-2016-7168: Fix a cross-site scripting vulnerability via image\nfilename.\n\nCVE-2016-7169: Fix a path traversal vulnerability in the upgrade\npackage uploader.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.6.1+dfsg-1~deb7u12.\n\nWe recommend that you upgrade your wordpress packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/09/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected wordpress, and wordpress-l10n packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.6.1+dfsg-1~deb7u12\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.6.1+dfsg-1~deb7u12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5832", "CVE-2016-5833", "CVE-2016-5834", "CVE-2016-5836", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5839"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora ", "modified": "2016-06-30T14:53:10", "published": "2016-06-30T14:53:10", "id": "FEDORA:D32706085AE8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: wordpress-4.5.3-1.fc22", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5832", "CVE-2016-5833", "CVE-2016-5834", "CVE-2016-5836", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5839"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora ", "modified": "2016-06-30T19:54:36", "published": "2016-06-30T19:54:36", "id": "FEDORA:5C8BB6087EF1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: wordpress-4.5.3-1.fc23", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5832", "CVE-2016-5833", "CVE-2016-5834", "CVE-2016-5836", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5839"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. Important information in /usr/share/doc/wordpress/README.fedora ", "modified": "2016-06-30T21:32:26", "published": "2016-06-30T21:32:26", "id": "FEDORA:7F46C608A48B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: wordpress-4.5.3-1.fc24", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2020-08-12T00:56:27", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5837", "CVE-2016-5838", "CVE-2016-5835", "CVE-2015-8834"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3639-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 03, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wordpress\nCVE ID : CVE-2015-8834 CVE-2016-5832 CVE-2016-5834 CVE-2016-5835 \n CVE-2016-5837 CVE-2016-5838 CVE-2016-5839\n\nSeveral vulnerabilities were discovered in wordpress, a web blogging\ntool, which could allow remote attackers to compromise a site via\ncross-site scripting, bypass restrictions, obtain sensitive\nrevision-history information, or mount a denial of service.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 4.1+dfsg-1+deb8u9.\n\nWe recommend that you upgrade your wordpress packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2016-08-03T15:36:38", "published": "2016-08-03T15:36:38", "id": "DEBIAN:DSA-3639-1:BF1EF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00217.html", "title": "[SECURITY] [DSA 3639-1] wordpress security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-30T02:22:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5839", "CVE-2016-5832", "CVE-2016-5834", "CVE-2016-5838", "CVE-2016-5835", "CVE-2016-5387"], "description": "Package : wordpress\nVersion : 3.6.1+dfsg-1~deb7u11\nCVE ID : CVE-2016-5387 CVE-2016-5832 CVE-2016-5834\n\t\t CVE-2016-5835 CVE-2016-5838 CVE-2016-5839\nDebian Bug : 828225\n\n\nSeveral vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5387\n WordPress allows remote attackers to bypass intended\n access restrictions and remove a category attribute from a post via\n unspecified vectors.\n\nCVE-2016-5832\n The customizer in WordPress allows remote attackers to\n bypass intended redirection restrictions via unspecified vectors.\n\nCVE-2016-5834\n Cross-site scripting (XSS) vulnerability in the\n wp_get_attachment_link function in wp-includes/post-\n template.php in WordPress allows remote\n attackers to inject arbitrary web script or HTML via a crafted\n attachment name.\n\nCVE-2016-5835\n WordPress allows remote attackers to obtain sensitive\n revision-history information by leveraging the ability to read a\n post related to wp-admin/includes/ajax-actions.php and\n wp-admin/revision.php.\n\nCVE-2016-5838\n WordPress allows remote attackers to bypass intended password-\n change restrictions by leveraging knowledge of a cookie.\n\nCVE-2016-5839\n WordPress allows remote attackers to bypass the\n sanitize_file_name protection mechanism via unspecified vectors.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.6.1+dfsg-1~deb7u11.\n\nWe recommend that you upgrade your wordpress packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-07-29T16:23:42", "published": "2016-07-29T16:23:42", "id": "DEBIAN:DLA-568-1:8D4E9", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201607/msg00029.html", "title": "[SECURITY] [DLA 568-1] wordpress security update", "type": "debian", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:02:47", "bulletinFamily": "unix", "cvelist": ["CVE-2016-5836", "CVE-2018-12895"], "description": "Package : wordpress\nVersion : 4.1+dfsg-1+deb8u18\nCVE ID : CVE-2016-5836 CVE-2018-12895\nDebian Bug : 902876\n\nTwo vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2016-5836\n\n The oEmbed protocol implementation in WordPress before 4.5.3 allows\n remote attackers to cause a denial of service via unspecified\n vectors.\n\nCVE-2018-12895\n\n A vulnerability was discovered in Wordpress, a web blogging tool. It\n allowed remote attackers with specific roles to execute arbitrary\n code.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n4.1+dfsg-1+deb8u18.\n\nWe recommend that you upgrade your wordpress packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 8, "modified": "2018-07-30T00:19:55", "published": "2018-07-30T00:19:55", "id": "DEBIAN:DLA-1452-1:B62B2", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201807/msg00046.html", "title": "[SECURITY] [DLA 1452-1] wordpress security update", "type": "debian", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:23:06", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6635", "CVE-2016-7168", "CVE-2016-5836", "CVE-2016-4029", "CVE-2015-8834", "CVE-2015-3440", "CVE-2016-7169", "CVE-2016-6634"], "description": "Package : wordpress\nVersion : 3.6.1+dfsg-1~deb7u12\nCVE ID : CVE-2015-8834 CVE-2016-4029 CVE-2016-5836\n CVE-2016-6634 CVE-2016-6635 CVE-2016-7168\n CVE-2016-7169\n\nSeveral vulnerabilities were discovered in wordpress, a web blogging\ntool. The Common Vulnerabilities and Exposures project identifies the\nfollowing issues.\n\nCVE-2015-8834:\n Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in\n WordPress before 4.2.2 allows remote attackers to inject arbitrary\n web script or HTML via a long comment that is improperly stored\n because of limitations on the MySQL TEXT data type.\n NOTE: this vulnerability exists because of an incomplete fix for\n CVE-2015-3440\n\nCVE-2016-4029:\n WordPress before 4.5 does not consider octal and hexadecimal IP\n address formats when determining an intranet address, which allows\n remote attackers to bypass an intended SSRF protection mechanism\n via a crafted address.\n\nCVE-2016-5836:\n The oEmbed protocol implementation in WordPress before 4.5.3 allows\n remote attackers to cause a denial of service via unspecified\n vectors.\n\nCVE-2016-6634:\n Cross-site scripting (XSS) vulnerability in the network settings\n page in WordPress before 4.5 allows remote attackers to inject\n arbitrary web script or HTML via unspecified vectors.\n\nCVE-2016-6635:\n Cross-site request forgery (CSRF) vulnerability in the\n wp_ajax_wp_compression_test function in wp-admin/includes/ajax-\n actions.php in WordPress before 4.5 allows remote attackers to\n hijack the authentication of administrators for requests that\n change the script compression option.\n\nCVE-2016-7168:\n Fix a cross-site scripting vulnerability via image filename.\n\nCVE-2016-7169:\n Fix a path traversal vulnerability in the upgrade package uploader.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.6.1+dfsg-1~deb7u12.\n\nWe recommend that you upgrade your wordpress packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-09-22T20:12:33", "published": "2016-09-22T20:12:33", "id": "DEBIAN:DLA-633-1:0192E", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201609/msg00026.html", "title": "[SECURITY] [DLA 633-1] wordpress security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2020-12-09T20:07:40", "description": "Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5834", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5834"], "modified": "2016-11-30T03:07:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5834", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5836", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5836"], "modified": "2018-07-31T01:29:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5836", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5832", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5832"], "modified": "2016-11-30T03:07:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5832", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5837", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5837"], "modified": "2016-11-30T03:07:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5837", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5835", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5835"], "modified": "2016-11-30T03:07:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5835", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5839", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5839"], "modified": "2016-11-28T20:29:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5839", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5838", "type": "cve", "cwe": ["CWE-255"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5838"], "modified": "2016-11-30T03:07:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5838", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:40", "description": "Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2016-06-29T14:10:00", "title": "CVE-2016-5833", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5833"], "modified": "2016-11-30T03:07:00", "cpe": ["cpe:/a:wordpress:wordpress:4.5.2"], "id": "CVE-2016-5833", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:4.5.2:*:*:*:*:*:*:*"]}], "wpvulndb": [{"lastseen": "2020-06-29T19:36:48", "bulletinFamily": "software", "cvelist": ["CVE-2016-5833", "CVE-2016-5834"], "description": "WordPress Vulnerability - WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS\n", "modified": "2019-11-01T00:00:00", "published": "2016-06-21T00:00:00", "id": "WPVDB-ID:8518", "href": "https://wpvulndb.com/vulnerabilities/8518", "type": "wpvulndb", "title": "WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-16T03:37:47", "bulletinFamily": "software", "cvelist": ["CVE-2016-5832"], "description": "WordPress Vulnerability - WordPress 4.5.2 - Redirect Bypass\n", "modified": "2019-11-01T00:00:00", "published": "2016-06-22T00:00:00", "id": "WPVDB-ID:8522", "href": "https://wpvulndb.com/vulnerabilities/8522", "type": "wpvulndb", "title": "WordPress 4.5.2 - Redirect Bypass", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-16T03:37:47", "bulletinFamily": "software", "cvelist": ["CVE-2016-5836"], "description": "WordPress Vulnerability - WordPress 4.5.2 - oEmbed Denial of Service (DoS)\n", "modified": "2019-11-01T00:00:00", "published": "2016-06-22T00:00:00", "id": "WPVDB-ID:8523", "href": "https://wpvulndb.com/vulnerabilities/8523", "type": "wpvulndb", "title": "WordPress 4.5.2 - oEmbed Denial of Service (DoS)", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-29T19:36:49", "bulletinFamily": "software", "cvelist": ["CVE-2016-5837"], "description": "WordPress Vulnerability - WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post\n", "modified": "2019-11-01T00:00:00", "published": "2016-06-21T00:00:00", "id": "WPVDB-ID:8520", "href": "https://wpvulndb.com/vulnerabilities/8520", "type": "wpvulndb", "title": "WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-29T19:36:49", "bulletinFamily": "software", "cvelist": ["CVE-2016-5835"], "description": "WordPress Vulnerability - WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure\n", "modified": "2019-11-01T00:00:00", "published": "2016-06-21T00:00:00", "id": "WPVDB-ID:8519", "href": "https://wpvulndb.com/vulnerabilities/8519", "type": "wpvulndb", "title": "WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-16T03:37:48", "bulletinFamily": "software", "cvelist": ["CVE-2016-5838"], "description": "WordPress Vulnerability - WordPress 4.5.2 - Password Change via Stolen Cookie\n", "modified": "2019-11-01T00:00:00", "published": "2016-06-22T00:00:00", "id": "WPVDB-ID:8524", "href": "https://wpvulndb.com/vulnerabilities/8524", "type": "wpvulndb", "title": "WordPress 4.5.2 - Password Change via Stolen Cookie", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}]}

WordPress &lt; 4.5.3 Multiple Vulnerabilities

Description

WordPress < 4.5.3 Multiple Vulnerabilities