Lucene search
HistoryAug 18, 2014 - 11:15 a.m.
CVE-2014-5203
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.072 Low
EPSS
Percentile
94.1%
wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data.
Affected configurations
Node
wordpresswordpressMatch3.9.0
ORwordpresswordpressMatch3.9.1
Related
cvelist
cvelist
CVE-2014-5203
2014-08-18 10:00:00
wpvulndb
wpvulndb
WordPress 3.9 & 3.9.1 Unlikely Code Execution
2014-09-16 17:10:42
cve
cve
CVE-2014-5203
2014-08-18 11:15:26
ubuntucve
ubuntucve
CVE-2014-5203
2014-08-18 00:00:00
debiancve
debiancve
CVE-2014-5203
2014-08-18 11:15:26
patchstack
patchstack
WordPress <= 3.9.1 - Unsafe Serialization
2014-08-13 00:00:00
prion
prion
Information disclosure
2014-08-18 11:15:00
nessus
nessus
Fedora 20 : wordpress-3.9.2-3.fc20 (2014-9264)
2014-08-22 00:00:00
Fedora 19 : wordpress-3.9.2-3.fc19 (2014-9270)
2014-08-23 00:00:00
WordPress < 3.7.4 / 3.8.4 / 3.9.2 Multiple Vulnerabilities
2014-08-12 00:00:00
openvas
openvas
Fedora Update for wordpress FEDORA-2014-9264
2014-08-22 00:00:00
Fedora Update for wordpress FEDORA-2014-9270
2014-08-23 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: wordpress-3.9.2-3.fc20
2014-08-21 09:45:10
[SECURITY] Fedora 19 Update: wordpress-3.9.2-3.fc19
2014-08-23 01:58:51
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.072 Low
EPSS
Percentile
94.1%
Related for NVD:CVE-2014-5203