Lucene search
HistoryAug 10, 2011 - 9:55 p.m.
CVE-2011-3129
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
70.7%
The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running “on hosts with dangerous security settings,” has unknown impact and attack vectors, possibly related to dangerous filenames.
Affected configurations
Node
wordpresswordpressMatch3.1
ORwordpresswordpressMatch3.1.1
ORwordpresswordpressMatch3.1.2
ORwordpresswordpressMatch3.2beta1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wordpress | wordpress | 3.1 | cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:* |
| wordpress | wordpress | 3.1.1 | cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:* |
| wordpress | wordpress | 3.1.2 | cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:* |
| wordpress | wordpress | 3.2 | cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:* |
Related
prion
prion
Unrestricted file upload
2011-08-10 21:55:00
cvelist
cvelist
CVE-2011-3129
2011-08-10 21:16:00
cve
cve
CVE-2011-3129
2011-08-10 21:55:02
patchstack
patchstack
WordPress <= 3.1.2 - Arbitrary File Upload vulnerability
2011-08-10 00:00:00
ubuntucve
ubuntucve
CVE-2011-3129
2011-08-10 00:00:00
debiancve
debiancve
CVE-2011-3129
2011-08-10 21:55:02
nessus
nessus
WordPress < 3.1.3 Multiple Vulnerabilities
2016-02-26 00:00:00
WordPress < 3.1.3 Multiple Vulnerabilities
2018-01-26 00:00:00
Debian DSA-2470-1 : wordpress - several vulnerabilities
2012-05-15 00:00:00
debian
debian
[SECURITY] [DSA 2670-1] wordpress security update
2012-05-11 20:41:14
openvas
openvas
Debian Security Advisory DSA 2670-1 (wordpress)
2012-05-31 00:00:00
Debian Security Advisory DSA 2670-1 (wordpress)
2012-05-31 00:00:00
Debian: Security Advisory (DSA-2470-1)
2023-03-08 00:00:00
osv
osv
wordpress - several
2012-05-11 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
70.7%
Related for NVD:CVE-2011-3129