ID OPENVAS:1361412562310865343 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for wordpress FEDORA-2013-1774
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_xref(name:"URL", value:"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098476.html");
script_oid("1.3.6.1.4.1.25623.1.0.865343");
script_version("$Revision: 14223 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2013-02-11 10:15:40 +0530 (Mon, 11 Feb 2013)");
script_cve_id("CVE-2013-0235", "CVE-2013-0236", "CVE-2013-0237");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_xref(name:"FEDORA", value:"2013-1774");
script_name("Fedora Update for wordpress FEDORA-2013-1774");
script_tag(name:"summary", value:"The remote host is missing an update for the 'wordpress'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC18");
script_tag(name:"affected", value:"wordpress on Fedora 18");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "FC18")
{
if ((res = isrpmvuln(pkg:"wordpress", rpm:"wordpress~3.5.1~1.fc18", rls:"FC18")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310865343", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for wordpress FEDORA-2013-1774", "description": "The remote host is missing an update for the ", "published": "2013-02-11T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865343", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098476.html", "2013-1774"], "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2013-0236"], "lastseen": "2019-05-29T18:37:55", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-0237", "CVE-2013-1774", "CVE-2013-0236", "CVE-2013-0235"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310865333", "OPENVAS:866044", "OPENVAS:866940", "OPENVAS:1361412562310866940", "OPENVAS:892718", "OPENVAS:865333", "OPENVAS:865343", "OPENVAS:1361412562310892718", "OPENVAS:1361412562310103660", "OPENVAS:1361412562310866044"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2013-189.NASL", "WORDPRESS_3_5_1.NASL", "DEBIAN_DSA-2718.NASL", "FEDORA_2013-1692.NASL", "FEDORA_2013-1774.NASL", "FREEBSD_PKG_559E00B76A4D11E2B6B010BF48230856.NASL", "WORDPRESS_XMLRPC_PINGBACK_REQUEST_FORGERY.NASL"]}, {"type": "freebsd", "idList": ["559E00B7-6A4D-11E2-B6B0-10BF48230856"]}, {"type": "fedora", "idList": ["FEDORA:AB4AB21DEB", "FEDORA:7570420D87", "FEDORA:5A945206F2", "FEDORA:7E291210D8", "FEDORA:425D8207B7"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:21079A9F-7256-4EC0-B93D-44B489720CDE", "WPVDB-ID:DD960CFA-1C04-47FD-9467-743475FCD536"]}, {"type": "thn", "idList": ["THN:BE379A796F15B93543F6972B7FEE4338", "THN:F155C0EB92B173820C2A906FB070B734"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/HTTP/WORDPRESS_PINGBACK_ACCESS"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2718-1:8E980"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29527"]}], "modified": "2019-05-29T18:37:55", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2019-05-29T18:37:55", "rev": 2}, "vulnersScore": 6.1}, "pluginID": "1361412562310865343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-1774\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098476.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865343\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-11 10:15:40 +0530 (Mon, 11 Feb 2013)\");\n script_cve_id(\"CVE-2013-0235\", \"CVE-2013-0236\", \"CVE-2013-0237\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1774\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-1774\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.5.1~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "immutableFields": []}
{"cve": [{"lastseen": "2021-04-22T23:35:41", "description": "Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post.", "edition": 7, "cvss3": {}, "published": "2013-07-08T20:55:00", "title": "CVE-2013-0236", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0236"], "modified": "2013-07-08T20:55:00", "cpe": ["cpe:/a:wordpress:wordpress:1.2", "cpe:/a:wordpress:wordpress:1.3", "cpe:/a:wordpress:wordpress:2.2.2", "cpe:/a:wordpress:wordpress:2.2", "cpe:/a:wordpress:wordpress:2.9.2", "cpe:/a:wordpress:wordpress:2.0", "cpe:/a:wordpress:wordpress:2.1.3", "cpe:/a:wordpress:wordpress:2.0.11", "cpe:/a:wordpress:wordpress:2.8.1", "cpe:/a:wordpress:wordpress:2.6.1", "cpe:/a:wordpress:wordpress:2.0.6", "cpe:/a:wordpress:wordpress:2.6.5", "cpe:/a:wordpress:wordpress:2.3", "cpe:/a:wordpress:wordpress:2.9.1", "cpe:/a:wordpress:wordpress:2.8.6", "cpe:/a:wordpress:wordpress:2.0.9", "cpe:/a:wordpress:wordpress:2.0.7", "cpe:/a:wordpress:wordpress:1.0.2", "cpe:/a:wordpress:wordpress:2.0.10", "cpe:/a:wordpress:wordpress:1.5.1.1", "cpe:/a:wordpress:wordpress:2.0.4", "cpe:/a:wordpress:wordpress:1.5", "cpe:/a:wordpress:wordpress:3.5.0", "cpe:/a:wordpress:wordpress:2.1.1", "cpe:/a:wordpress:wordpress:3.3.3", "cpe:/a:wordpress:wordpress:3.4.1", "cpe:/a:wordpress:wordpress:2.0.5", "cpe:/a:wordpress:wordpress:0.71", "cpe:/a:wordpress:wordpress:1.0", "cpe:/a:wordpress:wordpress:2.1", "cpe:/a:wordpress:wordpress:2.2.3", "cpe:/a:wordpress:wordpress:2.5", "cpe:/a:wordpress:wordpress:2.6.2", "cpe:/a:wordpress:wordpress:1.2.4", "cpe:/a:wordpress:wordpress:2.1.2", "cpe:/a:wordpress:wordpress:3.3", "cpe:/a:wordpress:wordpress:2.9", "cpe:/a:wordpress:wordpress:2.8.5.2", "cpe:/a:wordpress:wordpress:1.5.2", "cpe:/a:wordpress:wordpress:2.8.3", "cpe:/a:wordpress:wordpress:2.8.5.1", "cpe:/a:wordpress:wordpress:3.3.1", "cpe:/a:wordpress:wordpress:2.3.2", "cpe:/a:wordpress:wordpress:2.0.2", "cpe:/a:wordpress:wordpress:1.5.1.3", "cpe:/a:wordpress:wordpress:1.2.3", "cpe:/a:wordpress:wordpress:2.2.1", "cpe:/a:wordpress:wordpress:3.3.2", "cpe:/a:wordpress:wordpress:1.1.1", "cpe:/a:wordpress:wordpress:2.6", "cpe:/a:wordpress:wordpress:2.6.3", "cpe:/a:wordpress:wordpress:3.4.2", "cpe:/a:wordpress:wordpress:1.5.1.2", "cpe:/a:wordpress:wordpress:1.5.1", "cpe:/a:wordpress:wordpress:1.0.1", "cpe:/a:wordpress:wordpress:2.8.5", "cpe:/a:wordpress:wordpress:2.0.1", "cpe:/a:wordpress:wordpress:3.4.0", "cpe:/a:wordpress:wordpress:1.2.1", "cpe:/a:wordpress:wordpress:2.7.1", "cpe:/a:wordpress:wordpress:1.2.5", "cpe:/a:wordpress:wordpress:1.3.3", "cpe:/a:wordpress:wordpress:2.7", "cpe:/a:wordpress:wordpress:2.0.8", "cpe:/a:wordpress:wordpress:1.2.2", "cpe:/a:wordpress:wordpress:2.8.2", "cpe:/a:wordpress:wordpress:2.3.1", "cpe:/a:wordpress:wordpress:1.3.2", "cpe:/a:wordpress:wordpress:2.8", "cpe:/a:wordpress:wordpress:2.8.4", "cpe:/a:wordpress:wordpress:2.3.3", "cpe:/a:wordpress:wordpress:2.5.1", "cpe:/a:wordpress:wordpress:1.6.2", "cpe:/a:wordpress:wordpress:2.9.1.1"], "id": "CVE-2013-0236", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0236", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.4:a:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*"]}, {"lastseen": "2021-04-22T23:35:41", "description": "Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter.", "edition": 7, "cvss3": {}, "published": "2013-07-08T20:55:00", "title": "CVE-2013-0237", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0237"], "modified": "2013-07-08T20:55:00", "cpe": ["cpe:/a:wordpress:wordpress:1.2", "cpe:/a:wordpress:wordpress:1.3", "cpe:/a:wordpress:wordpress:2.2.2", "cpe:/a:moxiecode:plupload:1.5.4", "cpe:/a:wordpress:wordpress:2.2", "cpe:/o:fedoraproject:fedora:18", "cpe:/a:wordpress:wordpress:2.9.2", "cpe:/a:moxiecode:plupload:1.4.0", "cpe:/a:wordpress:wordpress:2.0", "cpe:/a:wordpress:wordpress:2.1.3", "cpe:/a:wordpress:wordpress:2.0.11", "cpe:/a:wordpress:wordpress:2.8.1", "cpe:/a:wordpress:wordpress:2.6.1", "cpe:/o:fedoraproject:fedora:17", "cpe:/a:wordpress:wordpress:2.0.6", "cpe:/a:wordpress:wordpress:2.6.5", "cpe:/a:wordpress:wordpress:2.3", "cpe:/a:wordpress:wordpress:2.9.1", "cpe:/a:wordpress:wordpress:2.8.6", "cpe:/a:wordpress:wordpress:2.0.9", "cpe:/a:wordpress:wordpress:2.0.7", "cpe:/a:wordpress:wordpress:1.0.2", "cpe:/a:wordpress:wordpress:2.0.10", "cpe:/a:wordpress:wordpress:1.5.1.1", "cpe:/a:wordpress:wordpress:2.0.4", "cpe:/a:wordpress:wordpress:1.5", "cpe:/a:wordpress:wordpress:3.5.0", "cpe:/a:wordpress:wordpress:2.1.1", "cpe:/a:wordpress:wordpress:3.3.3", "cpe:/a:wordpress:wordpress:3.4.1", "cpe:/a:wordpress:wordpress:2.0.5", "cpe:/a:wordpress:wordpress:0.71", "cpe:/a:wordpress:wordpress:1.0", "cpe:/a:wordpress:wordpress:2.1", "cpe:/a:moxiecode:plupload:1.4.3", "cpe:/a:wordpress:wordpress:2.2.3", "cpe:/a:wordpress:wordpress:2.5", "cpe:/a:wordpress:wordpress:2.6.2", "cpe:/a:moxiecode:plupload:1.5.1", "cpe:/a:moxiecode:plupload:1.4.1", "cpe:/a:wordpress:wordpress:1.2.4", "cpe:/a:wordpress:wordpress:2.1.2", "cpe:/a:wordpress:wordpress:3.3", "cpe:/a:wordpress:wordpress:2.9", "cpe:/a:wordpress:wordpress:2.8.5.2", "cpe:/a:wordpress:wordpress:1.5.2", "cpe:/o:fedoraproject:fedora:16", "cpe:/a:wordpress:wordpress:2.8.3", "cpe:/a:wordpress:wordpress:2.8.5.1", "cpe:/a:wordpress:wordpress:3.3.1", "cpe:/a:wordpress:wordpress:2.3.2", "cpe:/a:wordpress:wordpress:2.0.2", "cpe:/a:wordpress:wordpress:1.5.1.3", "cpe:/a:wordpress:wordpress:1.2.3", "cpe:/a:wordpress:wordpress:2.2.1", "cpe:/a:wordpress:wordpress:3.3.2", "cpe:/a:wordpress:wordpress:1.1.1", "cpe:/a:wordpress:wordpress:2.6", "cpe:/a:wordpress:wordpress:2.6.3", "cpe:/a:wordpress:wordpress:3.4.2", "cpe:/a:moxiecode:plupload:1.5.3", "cpe:/a:wordpress:wordpress:1.5.1.2", "cpe:/a:wordpress:wordpress:1.5.1", "cpe:/a:wordpress:wordpress:1.0.1", "cpe:/a:wordpress:wordpress:2.8.5", "cpe:/a:wordpress:wordpress:2.0.1", "cpe:/a:wordpress:wordpress:3.4.0", "cpe:/a:moxiecode:plupload:1.4.2", "cpe:/a:wordpress:wordpress:1.2.1", "cpe:/a:wordpress:wordpress:2.7.1", "cpe:/a:wordpress:wordpress:1.2.5", "cpe:/a:wordpress:wordpress:1.3.3", "cpe:/a:wordpress:wordpress:2.7", "cpe:/a:wordpress:wordpress:2.0.8", "cpe:/a:wordpress:wordpress:1.2.2", "cpe:/a:wordpress:wordpress:2.8.2", "cpe:/a:wordpress:wordpress:2.3.1", "cpe:/a:wordpress:wordpress:1.3.2", "cpe:/a:wordpress:wordpress:2.8", "cpe:/a:moxiecode:plupload:1.5.2", "cpe:/a:wordpress:wordpress:2.8.4", "cpe:/a:wordpress:wordpress:2.3.3", "cpe:/a:wordpress:wordpress:2.5.1", "cpe:/a:wordpress:wordpress:1.6.2", "cpe:/a:wordpress:wordpress:2.9.1.1", "cpe:/a:moxiecode:plupload:1.5.0"], "id": "CVE-2013-0237", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0237", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.5.0:beta:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.4:a:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:moxiecode:plupload:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*"]}, {"lastseen": "2021-04-22T23:35:41", "description": "The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue.", "edition": 7, "cvss3": {}, "published": "2013-07-08T20:55:00", "title": "CVE-2013-0235", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0235"], "modified": "2013-07-08T20:55:00", "cpe": ["cpe:/a:wordpress:wordpress:1.2", "cpe:/a:wordpress:wordpress:1.3", "cpe:/a:wordpress:wordpress:2.2.2", "cpe:/a:wordpress:wordpress:2.2", "cpe:/a:wordpress:wordpress:2.9.2", "cpe:/a:wordpress:wordpress:2.0", "cpe:/a:wordpress:wordpress:2.1.3", "cpe:/a:wordpress:wordpress:2.0.11", "cpe:/a:wordpress:wordpress:2.8.1", "cpe:/a:wordpress:wordpress:2.6.1", "cpe:/a:wordpress:wordpress:2.0.6", "cpe:/a:wordpress:wordpress:2.6.5", "cpe:/a:wordpress:wordpress:2.3", "cpe:/a:wordpress:wordpress:2.9.1", "cpe:/a:wordpress:wordpress:2.8.6", "cpe:/a:wordpress:wordpress:2.0.9", "cpe:/a:wordpress:wordpress:2.0.7", "cpe:/a:wordpress:wordpress:1.0.2", "cpe:/a:wordpress:wordpress:2.0.10", "cpe:/a:wordpress:wordpress:1.5.1.1", "cpe:/a:wordpress:wordpress:2.0.4", "cpe:/a:wordpress:wordpress:1.5", "cpe:/a:wordpress:wordpress:3.5.0", "cpe:/a:wordpress:wordpress:2.1.1", "cpe:/a:wordpress:wordpress:3.3.3", "cpe:/a:wordpress:wordpress:3.4.1", "cpe:/a:wordpress:wordpress:2.0.5", "cpe:/a:wordpress:wordpress:0.71", "cpe:/a:wordpress:wordpress:1.0", "cpe:/a:wordpress:wordpress:2.1", "cpe:/a:wordpress:wordpress:2.2.3", "cpe:/a:wordpress:wordpress:2.5", "cpe:/a:wordpress:wordpress:2.6.2", "cpe:/a:wordpress:wordpress:1.2.4", "cpe:/a:wordpress:wordpress:2.1.2", "cpe:/a:wordpress:wordpress:3.3", "cpe:/a:wordpress:wordpress:2.9", "cpe:/a:wordpress:wordpress:2.8.5.2", "cpe:/a:wordpress:wordpress:1.5.2", "cpe:/a:wordpress:wordpress:2.8.3", "cpe:/a:wordpress:wordpress:2.8.5.1", "cpe:/a:wordpress:wordpress:3.3.1", "cpe:/a:wordpress:wordpress:2.3.2", "cpe:/a:wordpress:wordpress:2.0.2", "cpe:/a:wordpress:wordpress:1.5.1.3", "cpe:/a:wordpress:wordpress:1.2.3", "cpe:/a:wordpress:wordpress:2.2.1", "cpe:/a:wordpress:wordpress:3.3.2", "cpe:/a:wordpress:wordpress:1.1.1", "cpe:/a:wordpress:wordpress:2.6", "cpe:/a:wordpress:wordpress:2.6.3", "cpe:/a:wordpress:wordpress:3.4.2", "cpe:/a:wordpress:wordpress:1.5.1.2", "cpe:/a:wordpress:wordpress:1.5.1", "cpe:/a:wordpress:wordpress:1.0.1", "cpe:/a:wordpress:wordpress:2.8.5", "cpe:/a:wordpress:wordpress:2.0.1", "cpe:/a:wordpress:wordpress:3.4.0", "cpe:/a:wordpress:wordpress:1.2.1", "cpe:/a:wordpress:wordpress:2.7.1", "cpe:/a:wordpress:wordpress:1.2.5", "cpe:/a:wordpress:wordpress:1.3.3", "cpe:/a:wordpress:wordpress:2.7", "cpe:/a:wordpress:wordpress:2.0.8", "cpe:/a:wordpress:wordpress:1.2.2", "cpe:/a:wordpress:wordpress:2.8.2", "cpe:/a:wordpress:wordpress:2.3.1", "cpe:/a:wordpress:wordpress:1.3.2", "cpe:/a:wordpress:wordpress:2.8", "cpe:/a:wordpress:wordpress:2.8.4", "cpe:/a:wordpress:wordpress:2.3.3", "cpe:/a:wordpress:wordpress:2.5.1", "cpe:/a:wordpress:wordpress:1.6.2", "cpe:/a:wordpress:wordpress:2.9.1.1"], "id": "CVE-2013-0235", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0235", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.4:a:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0235", "CVE-2013-0236", "CVE-2013-0237"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. ", "modified": "2013-02-10T04:25:57", "published": "2013-02-10T04:25:57", "id": "FEDORA:5A945206F2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: wordpress-3.5.1-1.fc18", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0700", "CVE-2011-0701", "CVE-2013-0235", "CVE-2013-0236", "CVE-2013-0237"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. ", "modified": "2013-02-10T04:44:54", "published": "2013-02-10T04:44:54", "id": "FEDORA:425D8207B7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: wordpress-3.5.1-1.fc17", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0235", "CVE-2013-0236", "CVE-2013-0237", "CVE-2013-2173", "CVE-2013-2199", "CVE-2013-2200", "CVE-2013-2201", "CVE-2013-2202", "CVE-2013-2203", "CVE-2013-2204", "CVE-2013-2205"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. ", "modified": "2013-07-03T01:37:44", "published": "2013-07-03T01:37:44", "id": "FEDORA:7570420D87", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: wordpress-3.5.2-1.fc18", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0235", "CVE-2013-0236", "CVE-2013-0237", "CVE-2013-2173", "CVE-2013-2199", "CVE-2013-2200", "CVE-2013-2201", "CVE-2013-2202", "CVE-2013-2203", "CVE-2013-2204", "CVE-2013-4338", "CVE-2013-4339", "CVE-2013-4340"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. ", "modified": "2013-09-27T00:41:16", "published": "2013-09-27T00:41:16", "id": "FEDORA:AB4AB21DEB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: wordpress-3.6.1-1.fc18", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0700", "CVE-2011-0701", "CVE-2013-0235", "CVE-2013-0236", "CVE-2013-0237", "CVE-2013-2173", "CVE-2013-2199", "CVE-2013-2200", "CVE-2013-2201", "CVE-2013-2202", "CVE-2013-2203", "CVE-2013-2204", "CVE-2013-2205"], "description": "Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web. ", "modified": "2013-07-03T01:38:56", "published": "2013-07-03T01:38:56", "id": "FEDORA:7E291210D8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: wordpress-3.5.2-1.fc17", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:41", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2013-0236"], "description": "\nWordpress reports:\n\nWordPress 3.5.1 also addresses the following security issues:\n\nA server-side request forgery vulnerability and remote port\n\t scanning using pingbacks. This vulnerability, which could\n\t potentially be used to expose information and compromise a\n\t site, affects all previous WordPress versions. This was fixed\n\t by the WordPress security team. We'd like to thank security\n\t researchers Gennady\n\t Kovshenin and Ryan\n\t Dewhurst for reviewing our work.\nTwo instances of cross-site scripting via shortcodes and post\n\t content. These issues were discovered by Jon Cave of the WordPress\n\t security team.\nA cross-site scripting vulnerability in the external library\n\t Plupload. Thanks to the Moxiecode team for working with us on\n\t this, and for releasing Plupload 1.5.5 to address this issue.\n\n\n", "edition": 4, "modified": "2014-04-30T00:00:00", "published": "2013-01-24T00:00:00", "id": "559E00B7-6A4D-11E2-B6B0-10BF48230856", "href": "https://vuxml.freebsd.org/freebsd/559e00b7-6a4d-11e2-b6b0-10bf48230856.html", "title": "wordpress -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "openvas": [{"lastseen": "2017-07-25T10:52:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2013-0236"], "description": "Check for the Version of wordpress", "modified": "2017-07-10T00:00:00", "published": "2013-02-11T00:00:00", "id": "OPENVAS:865343", "href": "http://plugins.openvas.org/nasl.php?oid=865343", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-1774", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-1774\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"wordpress on Fedora 18\";\ntag_insight = \"Wordpress is an online publishing / weblog package that makes it very easy,\n almost trivial, to get information out to people on the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098476.html\");\n script_id(865343);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-11 10:15:40 +0530 (Mon, 11 Feb 2013)\");\n script_cve_id(\"CVE-2013-0235\", \"CVE-2013-0236\", \"CVE-2013-0237\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1774\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-1774\");\n\n script_summary(\"Check for the Version of wordpress\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.5.1~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-26T11:09:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2011-0700", "CVE-2013-0236", "CVE-2011-0701"], "description": "Check for the Version of wordpress", "modified": "2018-01-26T00:00:00", "published": "2013-02-11T00:00:00", "id": "OPENVAS:865333", "href": "http://plugins.openvas.org/nasl.php?oid=865333", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-1692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-1692\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"wordpress on Fedora 17\";\ntag_insight = \"Wordpress is an online publishing / weblog package that makes it very easy,\n almost trivial, to get information out to people on the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098575.html\");\n script_id(865333);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-11 10:10:24 +0530 (Mon, 11 Feb 2013)\");\n script_cve_id(\"CVE-2013-0235\", \"CVE-2013-0236\", \"CVE-2013-0237\", \"CVE-2011-0700\", \"CVE-2011-0701\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1692\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-1692\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of wordpress\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.5.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2011-0700", "CVE-2013-0236", "CVE-2011-0701"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-02-11T00:00:00", "id": "OPENVAS:1361412562310865333", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865333", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-1692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-1692\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098575.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865333\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-11 10:10:24 +0530 (Mon, 11 Feb 2013)\");\n script_cve_id(\"CVE-2013-0235\", \"CVE-2013-0236\", \"CVE-2013-0237\", \"CVE-2011-0700\", \"CVE-2011-0701\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1692\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-1692\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.5.1~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2017-07-25T10:51:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-0237", "CVE-2013-0236", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "description": "Check for the Version of wordpress", "modified": "2017-07-10T00:00:00", "published": "2013-07-05T00:00:00", "id": "OPENVAS:866044", "href": "http://plugins.openvas.org/nasl.php?oid=866044", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-11630", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-11630\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"wordpress on Fedora 18\";\ntag_insight = \"Wordpress is an online publishing / weblog package that makes it very easy,\n almost trivial, to get information out to people on the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(866044);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-05 12:56:37 +0530 (Fri, 05 Jul 2013)\");\n script_cve_id(\"CVE-2013-2173\", \"CVE-2013-2199\", \"CVE-2013-2200\", \"CVE-2013-2201\",\n \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-2204\", \"CVE-2013-0235\",\n \"CVE-2013-0236\", \"CVE-2013-0237\", \"CVE-2013-2205\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-11630\");\n\n script_xref(name: \"FEDORA\", value: \"2013-11630\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/110564.html\");\n script_summary(\"Check for the Version of wordpress\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.5.2~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-0237", "CVE-2013-0236", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-07-05T00:00:00", "id": "OPENVAS:1361412562310866044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866044", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-11630", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-11630\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866044\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-05 12:56:37 +0530 (Fri, 05 Jul 2013)\");\n script_cve_id(\"CVE-2013-2173\", \"CVE-2013-2199\", \"CVE-2013-2200\", \"CVE-2013-2201\",\n \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-2204\", \"CVE-2013-0235\",\n \"CVE-2013-0236\", \"CVE-2013-0237\", \"CVE-2013-2205\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-11630\");\n script_xref(name:\"FEDORA\", value:\"2013-11630\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/110564.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"wordpress on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.5.2~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235"], "description": "WordPress is prone to an information-disclosure vulnerability and\nmultiple HTML-injection vulnerabilities.\n\nSuccessful exploits will allow attacker-supplied HTML and script code\nto run in the context of the affected browser, potentially allowing\nthe attacker to steal cookie-based authentication credentials, control\nhow the site is rendered to the user, and disclose or modify sensitive\ninformation. Other attacks are also possible.\n\nWordPress versions prior to 3.5.1 are vulnerable.", "modified": "2018-10-12T00:00:00", "published": "2013-02-07T00:00:00", "id": "OPENVAS:1361412562310103660", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103660", "type": "openvas", "title": "WordPress Pingback Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_wordpress_57554.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# WordPress Pingback Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:wordpress:wordpress\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103660\");\n script_bugtraq_id(57554);\n script_cve_id(\"CVE-2013-0235\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_version(\"$Revision: 11865 $\");\n\n script_name(\"WordPress Pingback Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/57554\");\n script_xref(name:\"URL\", value:\"http://www.acunetix.com/blog/web-security-zone/wordpress-pingback-vulnerability/\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-07 10:52:18 +0100 (Thu, 07 Feb 2013)\");\n script_category(ACT_ATTACK);\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2013 Greenbone Networks GmbH\");\n script_dependencies(\"secpod_wordpress_detect_900182.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"wordpress/installed\");\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more details.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"WordPress is prone to an information-disclosure vulnerability and\nmultiple HTML-injection vulnerabilities.\n\nSuccessful exploits will allow attacker-supplied HTML and script code\nto run in the context of the affected browser, potentially allowing\nthe attacker to steal cookie-based authentication credentials, control\nhow the site is rendered to the user, and disclose or modify sensitive\ninformation. Other attacks are also possible.\n\nWordPress versions prior to 3.5.1 are vulnerable.\");\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"http_keepalive.inc\");\n\nif(!port = get_app_port(cpe:CPE))exit(0);\nif(!dir = get_app_location(cpe:CPE, port:port))exit(0);\n\nhost = http_host_name(port:port);\n\nfunction _check(c) {\n\n xml = string('<?xml version=\"1.0\" encoding=\"utf-8\"?>',\"\\r\\n\",\n \"<methodCall>\\r\\n\",\n \"<methodName>pingback.ping</methodName>\\r\\n\",\n \"<params>\\r\\n\",\n \"<param><value><string>http://\",c,\"</string></value></param>\\r\\n\",\n \"<param><value><string>http://\",host,dir,\"?p=1</string></value></param>\\r\\n\",\n \"</params>\\r\\n\",\n \"</methodCall>\\r\\n\");\n\n len = strlen(xml);\n\n req = string(\"POST \",dir,\"/xmlrpc.php HTTP/1.1\\r\\n\",\n \"Host: \", host,\"\\r\\n\",\n \"Connection: Close\\r\\n\",\n \"Accept-Language: en\\r\\n\",\n \"Content-Type: application/x-www-form-urlencoded\\r\\n\",\n \"Content-Length: \",len,\"\\r\\n\",\n \"\\r\\n\",\n xml);\n\n result = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);\n\n value = eregmatch(pattern:\"<value><string>([^<]+)</string></value>\", string: result);\n if(!isnull(value[1])) return value[1];\n\n return FALSE;\n\n}\n\nurl = dir + '/xmlrpc.php';\n\nif(!http_vuln_check(port:port, url:url, pattern:\"XML-RPC server accepts POST requests only\"))exit(0);\n\nif(!ret1 = _check(c:\"i-dont-exist\"))exit(0);\n\nif(\"The source URL does not exist\" >< ret1) {\n\n tests = make_list('localhost:22', 'localhost:25', get_host_name() + ':' + port);\n foreach test (tests) {\n\n ret = _check(c:test);\n\n if(\"The source URL does not contain a link to the target URL\" >< ret || \"We cannot find a title on that page\" >< ret) {\n\n security_message(port:port);\n exit(0);\n\n }\n }\n\n}\n\nexit(99);\n\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-4339", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-4340", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-0237", "CVE-2013-0236", "CVE-2013-2202", "CVE-2013-4338", "CVE-2013-2200", "CVE-2013-2204"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:1361412562310866940", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866940", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-16895", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-16895\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866940\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:14:06 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4338\", \"CVE-2013-4339\", \"CVE-2013-4340\", \"CVE-2013-2173\",\n \"CVE-2013-2199\", \"CVE-2013-2200\", \"CVE-2013-2201\", \"CVE-2013-2202\",\n \"CVE-2013-2203\", \"CVE-2013-2204\", \"CVE-2013-0235\", \"CVE-2013-0236\",\n \"CVE-2013-0237\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-16895\");\n\n\n script_tag(name:\"affected\", value:\"wordpress on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-16895\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wordpress'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.6.1~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-19T15:08:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-4339", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-4340", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-0237", "CVE-2013-0236", "CVE-2013-2202", "CVE-2013-4338", "CVE-2013-2200", "CVE-2013-2204"], "description": "Check for the Version of wordpress", "modified": "2018-01-19T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:866940", "href": "http://plugins.openvas.org/nasl.php?oid=866940", "type": "openvas", "title": "Fedora Update for wordpress FEDORA-2013-16895", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wordpress FEDORA-2013-16895\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866940);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:14:06 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2013-4338\", \"CVE-2013-4339\", \"CVE-2013-4340\", \"CVE-2013-2173\",\n \"CVE-2013-2199\", \"CVE-2013-2200\", \"CVE-2013-2201\", \"CVE-2013-2202\",\n \"CVE-2013-2203\", \"CVE-2013-2204\", \"CVE-2013-0235\", \"CVE-2013-0236\",\n \"CVE-2013-0237\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for wordpress FEDORA-2013-16895\");\n\n tag_insight = \"Wordpress is an online publishing / weblog package that makes it very easy,\nalmost trivial, to get information out to people on the web.\n\";\n\n tag_affected = \"wordpress on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-16895\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of wordpress\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wordpress\", rpm:\"wordpress~3.6.1~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "description": "Several vulnerabilities were identified in WordPress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the wordpress package to the latest upstream version instead of\nbackporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\nCVE-2013-2173\nA denial of service was found in the way WordPress performs hash\ncomputation when checking password for protected posts. An attacker\nsupplying carefully crafted input as a password could make the\nplatform use excessive CPU usage.\n\nCVE-2013-2199Multiple server-side requests forgery (SSRF) vulnerabilities were\nfound in the HTTP API. This is related to\nCVE-2013-0235\n,\nwhich was specific to SSRF in pingback requests and was fixed in 3.5.1.\n\nCVE-2013-2200\nInadequate checking of a user", "modified": "2019-03-18T00:00:00", "published": "2013-07-01T00:00:00", "id": "OPENVAS:1361412562310892718", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892718", "type": "openvas", "title": "Debian Security Advisory DSA 2718-1 (wordpress - several vulnerabilities)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2718.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2718-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892718\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-2201\", \"CVE-2013-2205\", \"CVE-2013-2173\", \"CVE-2013-2204\", \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-0235\", \"CVE-2013-2199\", \"CVE-2013-2200\");\n script_name(\"Debian Security Advisory DSA 2718-1 (wordpress - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-01 00:00:00 +0200 (Mon, 01 Jul 2013)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2718.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"wordpress on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 3.5.2+dfsg-1~deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.5.2+dfsg-1~deb7u1.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 3.5.2+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.5.2+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were identified in WordPress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the wordpress package to the latest upstream version instead of\nbackporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\nCVE-2013-2173\nA denial of service was found in the way WordPress performs hash\ncomputation when checking password for protected posts. An attacker\nsupplying carefully crafted input as a password could make the\nplatform use excessive CPU usage.\n\nCVE-2013-2199Multiple server-side requests forgery (SSRF) vulnerabilities were\nfound in the HTTP API. This is related to\nCVE-2013-0235\n,\nwhich was specific to SSRF in pingback requests and was fixed in 3.5.1.\n\nCVE-2013-2200\nInadequate checking of a user's capabilities could lead to a\nprivilege escalation, enabling them to publish posts when their\nuser role should not allow for it and to assign posts to other\nauthors.\n\nCVE-2013-2201\nMultiple cross-side scripting (XSS) vulnerabilities due to badly\nescaped input were found in the media files and plugins upload forms.\n\nCVE-2013-2202\nXML External Entity Injection (XXE) vulnerability via oEmbed\nresponses.\n\nCVE-2013-2203\nA Full path disclosure (FPD) was found in the file upload mechanism.\nIf the upload directory is not writable, the error message returned\nincludes the full directory path.\n\nCVE-2013-2204\nContent spoofing via Flash applet in the embedded tinyMCE media\nplugin.\n\nCVE-2013-2205\nCross-domain XSS in the embedded SWFupload uploader.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.5.2+dfsg-1~deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.5.2+dfsg-1~deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.5.2+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.5.2+dfsg-1~deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2017-07-24T12:52:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "description": "Several vulnerabilities were identified in WordPress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the wordpress package to the latest upstream version instead of\nbackporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\nCVE-2013-2173 \nA denial of service was found in the way WordPress performs hash\ncomputation when checking password for protected posts. An attacker\nsupplying carefully crafted input as a password could make the\nplatform use excessive CPU usage.\n\nCVE-2013-2199Multiple server-side requests forgery (SSRF) vulnerabilities were\nfound in the HTTP API. This is related to\nCVE-2013-0235 \n,\nwhich was specific to SSRF in pingback requests and was fixed in 3.5.1.\n\nCVE-2013-2200 \nInadequate checking of a user's capabilities could lead to a\nprivilege escalation, enabling them to publish posts when their\nuser role should not allow for it and to assign posts to other\nauthors.\n\nCVE-2013-2201 \nMultiple cross-side scripting (XSS) vulnerabilities due to badly\nescaped input were found in the media files and plugins upload forms.\n\nCVE-2013-2202 \nXML External Entity Injection (XXE) vulnerability via oEmbed\nresponses.\n\nCVE-2013-2203 \nA Full path disclosure (FPD) was found in the file upload mechanism.\nIf the upload directory is not writable, the error message returned\nincludes the full directory path.\n\nCVE-2013-2204 \nContent spoofing via Flash applet in the embedded tinyMCE media\nplugin.\n\nCVE-2013-2205 \nCross-domain XSS in the embedded SWFupload uploader.", "modified": "2017-07-07T00:00:00", "published": "2013-07-01T00:00:00", "id": "OPENVAS:892718", "href": "http://plugins.openvas.org/nasl.php?oid=892718", "type": "openvas", "title": "Debian Security Advisory DSA 2718-1 (wordpress - several vulnerabilities)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2718.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2718-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"wordpress on Debian Linux\";\ntag_insight = \"WordPress is a full featured web blogging tool:\n\n* Instant publishing (no rebuilding)\n* Comment pingback support with spam protection\n* Non-crufty URLs\n* Themable\n* Plugin support\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 3.5.2+dfsg-1~deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.5.2+dfsg-1~deb7u1.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 3.5.2+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.5.2+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\";\ntag_summary = \"Several vulnerabilities were identified in WordPress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the wordpress package to the latest upstream version instead of\nbackporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\nCVE-2013-2173 \nA denial of service was found in the way WordPress performs hash\ncomputation when checking password for protected posts. An attacker\nsupplying carefully crafted input as a password could make the\nplatform use excessive CPU usage.\n\nCVE-2013-2199Multiple server-side requests forgery (SSRF) vulnerabilities were\nfound in the HTTP API. This is related to\nCVE-2013-0235 \n,\nwhich was specific to SSRF in pingback requests and was fixed in 3.5.1.\n\nCVE-2013-2200 \nInadequate checking of a user's capabilities could lead to a\nprivilege escalation, enabling them to publish posts when their\nuser role should not allow for it and to assign posts to other\nauthors.\n\nCVE-2013-2201 \nMultiple cross-side scripting (XSS) vulnerabilities due to badly\nescaped input were found in the media files and plugins upload forms.\n\nCVE-2013-2202 \nXML External Entity Injection (XXE) vulnerability via oEmbed\nresponses.\n\nCVE-2013-2203 \nA Full path disclosure (FPD) was found in the file upload mechanism.\nIf the upload directory is not writable, the error message returned\nincludes the full directory path.\n\nCVE-2013-2204 \nContent spoofing via Flash applet in the embedded tinyMCE media\nplugin.\n\nCVE-2013-2205 \nCross-domain XSS in the embedded SWFupload uploader.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892718);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-2201\", \"CVE-2013-2205\", \"CVE-2013-2173\", \"CVE-2013-2204\", \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-0235\", \"CVE-2013-2199\", \"CVE-2013-2200\");\n script_name(\"Debian Security Advisory DSA 2718-1 (wordpress - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-07-01 00:00:00 +0200 (Mon, 01 Jul 2013)\");\n script_tag(name: \"cvss_base\", value:\"6.4\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2718.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.5.2+dfsg-1~deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.5.2+dfsg-1~deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress\", ver:\"3.5.2+dfsg-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"wordpress-l10n\", ver:\"3.5.2+dfsg-1~deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2021-01-20T15:49:04", "description": "According to its version number, the WordPress install hosted on the\nremote web server is affected by multiple vulnerabilities :\n\n - The application is affected by a server-side request\n forgery vulnerability in the 'pingback.ping' method\n used in 'xmlrpc.php'. This vulnerability can be used to\n expose information and remotely port scan a host using\n pingbacks. (CVE-2013-0235)\n\n - The application is affected by two instances of\n cross-site scripting (XSS) attacks via shortcodes and\n post content. (CVE-2013-0236)\n\n - The application is affected by a cross-site scripting\n (XSS) vulnerability in the Plupload external library.\n (CVE-2013-0237)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.", "edition": 27, "published": "2013-02-04T00:00:00", "title": "WordPress < 3.5.1 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2013-0236"], "modified": "2013-02-04T00:00:00", "cpe": ["cpe:/a:wordpress:wordpress"], "id": "WORDPRESS_3_5_1.NASL", "href": "https://www.tenable.com/plugins/nessus/64452", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64452);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0235\", \"CVE-2013-0236\", \"CVE-2013-0237\");\n script_bugtraq_id(57554, 57555);\n\n script_name(english:\"WordPress < 3.5.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of WordPress.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the WordPress install hosted on the\nremote web server is affected by multiple vulnerabilities :\n\n - The application is affected by a server-side request\n forgery vulnerability in the 'pingback.ping' method\n used in 'xmlrpc.php'. This vulnerability can be used to\n expose information and remotely port scan a host using\n pingbacks. (CVE-2013-0235)\n\n - The application is affected by two instances of\n cross-site scripting (XSS) attacks via shortcodes and\n post content. (CVE-2013-0236)\n\n - The application is affected by a cross-site scripting\n (XSS) vulnerability in the Plupload external library.\n (CVE-2013-0237)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/FireFart/WordpressPingbackPortScanner\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/525045/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/news/2013/01/wordpress-3-5-1/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_3.5.1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WordPress 3.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wordpress:wordpress\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wordpress_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/WordPress\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"WordPress\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\n\ndir = install['path'];\nversion = install['version'];\ninstall_url = build_url(port:port, qs:dir);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nver = split(version, sep:\".\", keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Versions less than 3.5.1 are vulnerable\nif (\n ver[0] < 3 ||\n (ver[0] == 3 && ver[1] < 5) ||\n (ver[0] == 3 && ver[1] == 5 && ver[2] < 1)\n)\n{\n set_kb_item(name:\"www/\"+port+\"/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' +install_url+\n '\\n Installed version : ' +version+\n '\\n Fixed version : 3.5.1\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-07T10:43:34", "description": "Wordpress reports :\n\nWordPress 3.5.1 also addresses the following security issues :\n\n- A server-side request forgery vulnerability and remote port scanning\nusing pingbacks. This vulnerability, which could potentially be used\nto expose information and compromise a site, affects all previous\nWordPress versions. This was fixed by the WordPress security team.\nWe'd like to thank security researchers Gennady Kovshenin and Ryan\nDewhurst for reviewing our work.\n\n- Two instances of cross-site scripting via shortcodes and post\ncontent. These issues were discovered by Jon Cave of the WordPress\nsecurity team.\n\n- A cross-site scripting vulnerability in the external library\nPlupload. Thanks to the Moxiecode team for working with us on this,\nand for releasing Plupload 1.5.5 to address this issue.", "edition": 22, "published": "2013-01-30T00:00:00", "title": "FreeBSD : wordpress -- multiple vulnerabilities (559e00b7-6a4d-11e2-b6b0-10bf48230856)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235", "CVE-2013-0237", "CVE-2013-0236"], "modified": "2013-01-30T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ru-wordpress", "p-cpe:/a:freebsd:freebsd:ja-wordpress", "p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_TW", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:de-wordpress", "p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_CN", "p-cpe:/a:freebsd:freebsd:wordpress"], "id": "FREEBSD_PKG_559E00B76A4D11E2B6B010BF48230856.NASL", "href": "https://www.tenable.com/plugins/nessus/64288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64288);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0235\", \"CVE-2013-0236\", \"CVE-2013-0237\");\n\n script_name(english:\"FreeBSD : wordpress -- multiple vulnerabilities (559e00b7-6a4d-11e2-b6b0-10bf48230856)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Wordpress reports :\n\nWordPress 3.5.1 also addresses the following security issues :\n\n- A server-side request forgery vulnerability and remote port scanning\nusing pingbacks. This vulnerability, which could potentially be used\nto expose information and compromise a site, affects all previous\nWordPress versions. This was fixed by the WordPress security team.\nWe'd like to thank security researchers Gennady Kovshenin and Ryan\nDewhurst for reviewing our work.\n\n- Two instances of cross-site scripting via shortcodes and post\ncontent. These issues were discovered by Jon Cave of the WordPress\nsecurity team.\n\n- A cross-site scripting vulnerability in the external library\nPlupload. Thanks to the Moxiecode team for working with us on this,\nand for releasing Plupload 1.5.5 to address this issue.\"\n );\n # https://vuxml.freebsd.org/freebsd/559e00b7-6a4d-11e2-b6b0-10bf48230856.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?485eec04\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:de-wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ru-wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:zh-wordpress-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"wordpress<3.5.1,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zh-wordpress-zh_CN<3.5.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zh-wordpress-zh_TW<3.5.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"de-wordpress<3.5.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-wordpress<3.5.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ru-wordpress<3.5.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T10:11:05", "description": "WordPress 3.5.1 is now available. Version 3.5.1 is the first\nmaintenance release of 3.5, fixing 37 bugs. It is also a security\nrelease for all previous WordPress versions. Which include :\n\n - Editor: Prevent certain HTML elements from being\n unexpectedly removed or modified in rare cases.\n\n - Media: Fix a collection of minor workflow and\n compatibility issues in the new media manager.\n\n - Networks: Suggest proper rewrite rules when creating a\n new network.\n\n - Prevent scheduled posts from being stripped of certain\n HTML, such as video embeds, when they are published.\n\n - Work around some misconfigurations that may have\n caused some JavaScript in the WordPress admin area to\n fail.\n\n - Suppress some warnings that could occur when a plugin\n misused the database or user APIs.\n\nWordPress 3.5.1 also addresses the following security issues :\n\n - A server-side request forgery vulnerability and remote\n port scanning using pingbacks. This vulnerability, which\n could potentially be used to expose information and\n compromise a site, affects all previous WordPress\n versions. This was fixed by the WordPress security team.\n We'd like to thank security researchers Gennady\n Kovshenin and Ryan Dewhurst for reviewing our work.\n\n - Two instances of cross-site scripting via shortcodes\n and post content. These issues were discovered by Jon\n Cave of the WordPress security team.\n\n - A cross-site scripting vulnerability in the external\n library Plupload. Thanks to the Moxiecode team for\n working with us on this, and for releasing Plupload\n 1.5.5 to address this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2013-02-11T00:00:00", "title": "Fedora 17 : wordpress-3.5.1-1.fc17 (2013-1692)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235"], "modified": "2013-02-11T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:wordpress"], "id": "FEDORA_2013-1692.NASL", "href": "https://www.tenable.com/plugins/nessus/64539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-1692.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64539);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0235\");\n script_bugtraq_id(57554);\n script_xref(name:\"FEDORA\", value:\"2013-1692\");\n\n script_name(english:\"Fedora 17 : wordpress-3.5.1-1.fc17 (2013-1692)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"WordPress 3.5.1 is now available. Version 3.5.1 is the first\nmaintenance release of 3.5, fixing 37 bugs. It is also a security\nrelease for all previous WordPress versions. Which include :\n\n - Editor: Prevent certain HTML elements from being\n unexpectedly removed or modified in rare cases.\n\n - Media: Fix a collection of minor workflow and\n compatibility issues in the new media manager.\n\n - Networks: Suggest proper rewrite rules when creating a\n new network.\n\n - Prevent scheduled posts from being stripped of certain\n HTML, such as video embeds, when they are published.\n\n - Work around some misconfigurations that may have\n caused some JavaScript in the WordPress admin area to\n fail.\n\n - Suppress some warnings that could occur when a plugin\n misused the database or user APIs.\n\nWordPress 3.5.1 also addresses the following security issues :\n\n - A server-side request forgery vulnerability and remote\n port scanning using pingbacks. This vulnerability, which\n could potentially be used to expose information and\n compromise a site, affects all previous WordPress\n versions. This was fixed by the WordPress security team.\n We'd like to thank security researchers Gennady\n Kovshenin and Ryan Dewhurst for reviewing our work.\n\n - Two instances of cross-site scripting via shortcodes\n and post content. These issues were discovered by Jon\n Cave of the WordPress security team.\n\n - A cross-site scripting vulnerability in the external\n library Plupload. Thanks to the Moxiecode team for\n working with us on this, and for releasing Plupload\n 1.5.5 to address this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=904120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=904121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=904122\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/098575.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b183b7f2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"wordpress-3.5.1-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-20T15:49:11", "description": "The WordPress install hosted on the remote web server is affected by a\nserver-side request forgery vulnerability because the 'pingback.ping'\nmethod used in 'xmlrpc.php' fails to properly validate source URIs\n(Uniform Resource Identifiers). A remote, unauthenticated attacker can\nexploit this issue to disclose sensitive information and conduct\nremote port scanning against a remote host.", "edition": 28, "published": "2013-02-04T00:00:00", "title": "WordPress 'xmlrpc.php' pingback.ping Server-Side Request Forgery", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235"], "modified": "2013-02-04T00:00:00", "cpe": ["cpe:/a:wordpress:wordpress"], "id": "WORDPRESS_XMLRPC_PINGBACK_REQUEST_FORGERY.NASL", "href": "https://www.tenable.com/plugins/nessus/64453", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64453);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0235\");\n script_bugtraq_id(57554);\n\n script_name(english:\"WordPress 'xmlrpc.php' pingback.ping Server-Side Request Forgery\");\n script_summary(english:\"Attempts to verify the existence of files.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by a\nserver-side request forgery vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The WordPress install hosted on the remote web server is affected by a\nserver-side request forgery vulnerability because the 'pingback.ping'\nmethod used in 'xmlrpc.php' fails to properly validate source URIs\n(Uniform Resource Identifiers). A remote, unauthenticated attacker can\nexploit this issue to disclose sensitive information and conduct\nremote port scanning against a remote host.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/FireFart/WordpressPingbackPortScanner\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/525045/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/news/2013/01/wordpress-3-5-1/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://codex.wordpress.org/Version_3.5.1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WordPress 3.5.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"exploited_by_nessus\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wordpress:wordpress\");\n script_end_attributes();\n\n script_category(ACT_ATTACK);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wordpress_detect.nasl\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/WordPress\", \"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\ninclude(\"data_protection.inc\");\n\napp = \"WordPress\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port\n);\n\ndir = install['path'];\ninstall_url = build_url(port:port, qs:dir);\n\n# Determine what to look for.\nos = get_kb_item(\"Host/OS\");\nif (os && report_paranoia < 2)\n{\n if (\"Windows\" >< os) files = make_list('windows/win.ini', 'winnt/win.ini');\n else files = make_list('etc/passwd');\n}\nelse files = make_list('etc/passwd', 'windows/win.ini', 'winnt/win.ini');\n\n# Verify that xmlrpc.php is accessible\nvuln = FALSE;\n\nres = http_send_recv3(\n method : \"GET\",\n item : dir + \"/xmlrpc.php\",\n port : port,\n exit_on_fail : TRUE\n);\n\nif (\"XML-RPC server accepts POST requests only\" >< res[2])\n{\n foreach file (files)\n {\n postdata = '<?xml version=\"1.0\" encoding=\"utf-8\"?>\\r\\n' +\n '<methodCall>\\r\\n' +\n ' <methodName>pingback.ping</methodName>\\r\\n' +\n ' <params>\\r\\n' +\n ' <param><value><string>file:///' +file+ '</string></value></param>\\r\\n'+\n ' <param><value><string>' +install_url+ '/?p=1</string></value></param>'+\n '\\r\\n' +\n ' </params>\\r\\n' +\n '</methodCall>\\r\\n';\n\n res = http_send_recv3(\n method : \"POST\",\n item : dir + \"/xmlrpc.php\",\n data : postdata,\n content_type : \"application/x-www-form-urlencoded\",\n port : port,\n exit_on_fail : TRUE\n );\n exp_request = http_last_sent_request();\n\n # If file is found, our string will report our title is not found\n # Else our response will reflect 'The source URL does not exist.'\n if (\"<string>We cannot find a title on that page\" >< res[2])\n {\n vuln = TRUE;\n break;\n }\n }\n}\n\nif (!vuln)\n audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url);\n\nif (report_verbosity > 0)\n{\n res[2] = data_protection::redact_etc_passwd(output:res[2]);\n snip = crap(data:\"-\", length:30)+' snip '+ crap(data:\"-\", length:30);\n report =\n '\\nNessus was able to verify the issue exists using the following request :' +\n '\\n' +\n '\\n' + exp_request +\n '\\n';\n if (report_verbosity > 1)\n {\n report +=\n '\\n' + 'By examining the response, Nessus was able to verify the file'+\n '\\n' + '\"' +file+ '\" exists on the remote host. This can be observed' +\n '\\n' + 'in the following output :' +\n '\\n' +\n '\\n' + snip +\n '\\n' + chomp(res[2]) +\n '\\n' + snip +\n '\\n';\n }\n security_warning(port:port, extra:report);\n}\nelse security_warning(port);\n\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T10:11:12", "description": "WordPress 3.5.1 is now available. Version 3.5.1 is the first\nmaintenance release of 3.5, fixing 37 bugs. It is also a security\nrelease for all previous WordPress versions. Which include :\n\n - Editor: Prevent certain HTML elements from being\n unexpectedly removed or modified in rare cases.\n\n - Media: Fix a collection of minor workflow and\n compatibility issues in the new media manager.\n\n - Networks: Suggest proper rewrite rules when creating a\n new network.\n\n - Prevent scheduled posts from being stripped of certain\n HTML, such as video embeds, when they are published.\n\n - Work around some misconfigurations that may have\n caused some JavaScript in the WordPress admin area to\n fail.\n\n - Suppress some warnings that could occur when a plugin\n misused the database or user APIs.\n\nWordPress 3.5.1 also addresses the following security issues :\n\n - A server-side request forgery vulnerability and remote\n port scanning using pingbacks. This vulnerability, which\n could potentially be used to expose information and\n compromise a site, affects all previous WordPress\n versions. This was fixed by the WordPress security team.\n We'd like to thank security researchers Gennady\n Kovshenin and Ryan Dewhurst for reviewing our work.\n\n - Two instances of cross-site scripting via shortcodes\n and post content. These issues were discovered by Jon\n Cave of the WordPress security team.\n\n - A cross-site scripting vulnerability in the external\n library Plupload. Thanks to the Moxiecode team for\n working with us on this, and for releasing Plupload\n 1.5.5 to address this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2013-02-11T00:00:00", "title": "Fedora 18 : wordpress-3.5.1-1.fc18 (2013-1774)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0235"], "modified": "2013-02-11T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:wordpress"], "id": "FEDORA_2013-1774.NASL", "href": "https://www.tenable.com/plugins/nessus/64544", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-1774.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64544);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0235\");\n script_bugtraq_id(57554);\n script_xref(name:\"FEDORA\", value:\"2013-1774\");\n\n script_name(english:\"Fedora 18 : wordpress-3.5.1-1.fc18 (2013-1774)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"WordPress 3.5.1 is now available. Version 3.5.1 is the first\nmaintenance release of 3.5, fixing 37 bugs. It is also a security\nrelease for all previous WordPress versions. Which include :\n\n - Editor: Prevent certain HTML elements from being\n unexpectedly removed or modified in rare cases.\n\n - Media: Fix a collection of minor workflow and\n compatibility issues in the new media manager.\n\n - Networks: Suggest proper rewrite rules when creating a\n new network.\n\n - Prevent scheduled posts from being stripped of certain\n HTML, such as video embeds, when they are published.\n\n - Work around some misconfigurations that may have\n caused some JavaScript in the WordPress admin area to\n fail.\n\n - Suppress some warnings that could occur when a plugin\n misused the database or user APIs.\n\nWordPress 3.5.1 also addresses the following security issues :\n\n - A server-side request forgery vulnerability and remote\n port scanning using pingbacks. This vulnerability, which\n could potentially be used to expose information and\n compromise a site, affects all previous WordPress\n versions. This was fixed by the WordPress security team.\n We'd like to thank security researchers Gennady\n Kovshenin and Ryan Dewhurst for reviewing our work.\n\n - Two instances of cross-site scripting via shortcodes\n and post content. These issues were discovered by Jon\n Cave of the WordPress security team.\n\n - A cross-site scripting vulnerability in the external\n library Plupload. Thanks to the Moxiecode team for\n working with us on this, and for releasing Plupload\n 1.5.5 to address this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=904120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=904121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=904122\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/098476.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8f719cf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"wordpress-3.5.1-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"wordpress\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T09:47:56", "description": "Several vulnerabilities were identified in WordPress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the wordpress package to the latest upstream version instead\nof backporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\n - CVE-2013-2173\n A denial of service was found in the way WordPress\n performs hash computation when checking password for\n protected posts. An attacker supplying carefully crafted\n input as a password could make the platform use\n excessive CPU usage.\n\n - CVE-2013-2199\n Multiple server-side requests forgery (SSRF)\n vulnerabilities were found in the HTTP API. This is\n related to CVE-2013-0235, which was specific to SSRF in\n pingback requests and was fixed in 3.5.1.\n\n - CVE-2013-2200\n Inadequate checking of a user's capabilities could lead\n to a privilege escalation, enabling them to publish\n posts when their user role should not allow for it and\n to assign posts to other authors.\n\n - CVE-2013-2201\n Multiple cross-side scripting (XSS) vulnerabilities due\n to badly escaped input were found in the media files and\n plugins upload forms.\n\n - CVE-2013-2202\n XML External Entity Injection (XXE) vulnerability via\n oEmbed responses.\n\n - CVE-2013-2203\n A Full path disclosure (FPD) was found in the file\n upload mechanism. If the upload directory is not\n writable, the error message returned includes the full\n directory path.\n\n - CVE-2013-2204\n Content spoofing via Flash applet in the embedded\n tinyMCE media plugin.\n\n - CVE-2013-2205\n Cross-domain XSS in the embedded SWFupload uploader.", "edition": 17, "published": "2013-07-03T00:00:00", "title": "Debian DSA-2718-1 : wordpress - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "modified": "2013-07-03T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:wordpress", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2718.NASL", "href": "https://www.tenable.com/plugins/nessus/67131", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2718. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67131);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2173\", \"CVE-2013-2199\", \"CVE-2013-2200\", \"CVE-2013-2201\", \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-2204\", \"CVE-2013-2205\");\n script_bugtraq_id(60477, 60757, 60758, 60759, 60770, 60775, 60781, 60825);\n script_xref(name:\"DSA\", value:\"2718\");\n\n script_name(english:\"Debian DSA-2718-1 : wordpress - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were identified in WordPress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the wordpress package to the latest upstream version instead\nof backporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\n - CVE-2013-2173\n A denial of service was found in the way WordPress\n performs hash computation when checking password for\n protected posts. An attacker supplying carefully crafted\n input as a password could make the platform use\n excessive CPU usage.\n\n - CVE-2013-2199\n Multiple server-side requests forgery (SSRF)\n vulnerabilities were found in the HTTP API. This is\n related to CVE-2013-0235, which was specific to SSRF in\n pingback requests and was fixed in 3.5.1.\n\n - CVE-2013-2200\n Inadequate checking of a user's capabilities could lead\n to a privilege escalation, enabling them to publish\n posts when their user role should not allow for it and\n to assign posts to other authors.\n\n - CVE-2013-2201\n Multiple cross-side scripting (XSS) vulnerabilities due\n to badly escaped input were found in the media files and\n plugins upload forms.\n\n - CVE-2013-2202\n XML External Entity Injection (XXE) vulnerability via\n oEmbed responses.\n\n - CVE-2013-2203\n A Full path disclosure (FPD) was found in the file\n upload mechanism. If the upload directory is not\n writable, the error message returned includes the full\n directory path.\n\n - CVE-2013-2204\n Content spoofing via Flash applet in the embedded\n tinyMCE media plugin.\n\n - CVE-2013-2205\n Cross-domain XSS in the embedded SWFupload uploader.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2200\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/wordpress\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2718\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the wordpress packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 3.5.2+dfsg-1~deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 3.5.2+dfsg-1~deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"wordpress\", reference:\"3.5.2+dfsg-1~deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"wordpress-l10n\", reference:\"3.5.2+dfsg-1~deb6u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress\", reference:\"3.5.2+dfsg-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"wordpress-l10n\", reference:\"3.5.2+dfsg-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:54:14", "description": "Updated wordpress package fixes security vulnerabilities :\n\nA denial of service flaw was found in the way Wordpress, a blog tool\nand publishing platform, performed hash computation when checking\npassword for password protected blog posts. A remote attacker could\nprovide a specially- crafted input that, when processed by the\npassword checking mechanism of Wordpress would lead to excessive CPU\nconsumption (CVE-2013-2173).\n\nInadequate SSRF protection for HTTP requests where the user can\nprovide a URL can allow for attacks against the intranet and other\nsites. This is a continuation of work related to CVE-2013-0235, which\nwas specific to SSRF in pingback requests and was fixed in 3.5.1\n(CVE-2013-2199).\n\nInadequate checking of a user's capabilities could allow them to\npublish posts when their user role should not allow for it; and to\nassign posts to other authors (CVE-2013-2200).\n\nInadequate escaping allowed an administrator to trigger a cross-site\nscripting vulnerability through the uploading of media files and\nplugins (CVE-2013-2201).\n\nThe processing of an oEmbed response is vulnerable to an XXE\n(CVE-2013-2202).\n\nIf the uploads directory is not writable, error message data returned\nvia XHR will include a full path to the directory (CVE-2013-2203).\n\nContent Spoofing in the MoxieCode (TinyMCE) MoxiePlayer project\n(CVE-2013-2204).\n\nCross-domain XSS in SWFUpload (CVE-2013-2205).", "edition": 25, "published": "2013-07-03T00:00:00", "title": "Mandriva Linux Security Advisory : wordpress (MDVSA-2013:189)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "modified": "2013-07-03T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:wordpress"], "id": "MANDRIVA_MDVSA-2013-189.NASL", "href": "https://www.tenable.com/plugins/nessus/67134", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:189. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67134);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-2173\", \"CVE-2013-2199\", \"CVE-2013-2200\", \"CVE-2013-2201\", \"CVE-2013-2202\", \"CVE-2013-2203\", \"CVE-2013-2204\", \"CVE-2013-2205\");\n script_bugtraq_id(60477, 60757, 60758, 60759, 60770, 60775, 60781, 60825);\n script_xref(name:\"MDVSA\", value:\"2013:189\");\n\n script_name(english:\"Mandriva Linux Security Advisory : wordpress (MDVSA-2013:189)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated wordpress package fixes security vulnerabilities :\n\nA denial of service flaw was found in the way Wordpress, a blog tool\nand publishing platform, performed hash computation when checking\npassword for password protected blog posts. A remote attacker could\nprovide a specially- crafted input that, when processed by the\npassword checking mechanism of Wordpress would lead to excessive CPU\nconsumption (CVE-2013-2173).\n\nInadequate SSRF protection for HTTP requests where the user can\nprovide a URL can allow for attacks against the intranet and other\nsites. This is a continuation of work related to CVE-2013-0235, which\nwas specific to SSRF in pingback requests and was fixed in 3.5.1\n(CVE-2013-2199).\n\nInadequate checking of a user's capabilities could allow them to\npublish posts when their user role should not allow for it; and to\nassign posts to other authors (CVE-2013-2200).\n\nInadequate escaping allowed an administrator to trigger a cross-site\nscripting vulnerability through the uploading of media files and\nplugins (CVE-2013-2201).\n\nThe processing of an oEmbed response is vulnerable to an XXE\n(CVE-2013-2202).\n\nIf the uploads directory is not writable, error message data returned\nvia XHR will include a full path to the directory (CVE-2013-2203).\n\nContent Spoofing in the MoxieCode (TinyMCE) MoxiePlayer project\n(CVE-2013-2204).\n\nCross-domain XSS in SWFUpload (CVE-2013-2205).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2013-0198.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected wordpress package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:wordpress\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"wordpress-3.5.2-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "wpvulndb": [{"lastseen": "2021-02-15T21:56:54", "bulletinFamily": "software", "cvelist": ["CVE-2013-0236"], "description": "\n", "modified": "2020-10-25T14:05:10", "published": "2014-08-01T00:00:00", "id": "WPVDB-ID:DD960CFA-1C04-47FD-9467-743475FCD536", "href": "https://wpscan.com/vulnerability/dd960cfa-1c04-47fd-9467-743475fcd536", "type": "wpvulndb", "title": "WordPress 3.5 - Shortcodes / Post Content Multiple Unspecified XSS", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-02-15T21:57:41", "bulletinFamily": "software", "cvelist": ["CVE-2013-0235"], "description": "\n", "modified": "2019-10-21T08:54:05", "published": "2014-08-01T10:58:20", "id": "WPVDB-ID:21079A9F-7256-4EC0-B93D-44B489720CDE", "href": "https://wpscan.com/vulnerability/21079a9f-7256-4ec0-b93d-44b489720cde", "type": "wpvulndb", "title": "WordPress 1.5.1 - 3.5 XMLRPC Pingback API Internal/External Port Scanning", "sourceData": "", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "thn": [{"lastseen": "2018-01-27T09:17:58", "bulletinFamily": "info", "cvelist": ["CVE-2013-0235"], "description": "[](<https://4.bp.blogspot.com/-qyzRx7sFq60/UyALUkhwgZI/AAAAAAAAaiY/P6_WjqkvFsI/s1600/Wordpress-Pingback-ddos-attack.png>)\n\nDDoS attacks are a growing issue facing by governments and businesses. In a recent attack, thousands of legitimate WordPress websites have been hijacked by hackers, without the need for them to be compromised. Instead, the attackers took advantage of an existing WordPress vulnerability (_CVE-2013-0235_) - \u201c_[Pingback Denial of Service possibility](<https://thehackernews.com/search/label/pingback>)_\u201d.\n\n \n\n\nAccording to security company _[Sucuri](<http://blog.sucuri.net/2014/03/more-than-162000-wordpress-sites-used-for-distributed-denial-of-service-attack.html>),_ in a recent amplification attack more than 162,000 legitimate Wordpress sites were abused to launch a large-scale [distributed denial-of-service (DDoS) attack](<https://thehackernews.com/search/label/ddos%20attack>).\n\n \n\n\nThe attack exploited an issue with the _XML-RPC (XML remote procedure call) _of the WordPress, use to provide services such as Pingbacks, trackbacks, which allows anyone to initiate a request from WordPress to an arbitrary site. \n \nThe functionality should be used to generate cross references between blogs, but it can easily be used for a single machine to originate millions of requests from multiple locations.\n\n \n\n\n\"_Any WordPress site with XML-RPC enabled (which is on by default) can be used in DDoS attacks against other sites_,\u201d Sucuri researcher said in the blog post.\n\n \n\n\nThe Pingback mechanism has been known to be a security risk for some time. XML-RPC is enabled by default on WordPress and websites with no protection mechanism are vulnerable to this attack.\n\n \n\n\nTo stop your WordPress website from being misused, you will need to disable the XML-RPC (Pingback) functionality on your site, but completely disabling XML-RPC itself is unlikely because it\u2019s needed for important features. Wordpress administrators can check online [WordPress DDOS Scanner tool](<http://labs.sucuri.net/?is-my-wordpress-ddosing>) to find if their blogs are vulnerable or not and if it is, then a better way to block it is by adding the following code to your theme:\n\n> _add_filter( \u2018xmlrpc_methods\u2019, function( $methods ) {_\n> \n> __unset( $methods['pingback.ping'] );__\n> \n> __return $methods;__\n> \n> __} );__\n\nLast year in a series of similar [DDoS attacks](<https://thehackernews.com/2013/05/millions-of-wordpress-sites-exploitable.html>), more than 10,000 WordPress sites were abused to target Gaming and [Government sites](<https://thehackernews.com/2013/12/ddos-attacks-originated-from-thousands.html>).\n", "modified": "2014-03-12T07:45:09", "published": "2014-03-11T20:45:00", "id": "THN:BE379A796F15B93543F6972B7FEE4338", "href": "https://thehackernews.com/2014/03/162000-vulnerable-wordpress-websites.html", "type": "thn", "title": "162,000 vulnerable WordPress websites abused to perform DDoS Attack", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-01-08T18:01:22", "bulletinFamily": "info", "cvelist": ["CVE-2013-0235"], "description": "[](<http://4.bp.blogspot.com/-ch9QTSYd6ss/UYEVFOUsFAI/AAAAAAAAVdA/oGfoiP0Ob_I/s1600/Millions+of+WordPress+websites+exploitable+for+DDoS+Attacks.png>)\n\n[Distributed Denial of Service](<http://thehackernews.com/search?q=Distributed%20Denial%20of%20Service>) attacks have increased in scale, intensity and frequency. The wide range of motives for these attacks political , criminal, or social makes every merchant or organization with an online presence a potential target.\n\n \n\n\nOver the weekend [Incapsula](<http://thehackernews.com/search?q=Incapsula>) mitigated a unique DDoS attack against a large gaming website, in which they have [discovered](<http://www.incapsula.com/the-incapsula-blog/item/715-wordpress-security-alert-pingback-ddos>) a DDoS attack using thousands of legitimate [WordPress](<http://thehackernews.com/search?q=WordPress>) blogs without the need for them to be compromised.\n\n \n\n\nIncapsula released the list of approximately 2,500 WordPress sites from where the attack was originated, including some very large sites like _Trendmicro.com, Gizmodo.it and Zendesk.com_.\n\n \n\n\nIn a [recent report](<http://thehackernews.com/search?q=DNS%20amplification>), we posted about another method for [DDoS attacks](<http://thehackernews.com/search?q=DDoS%20attack>) using [DNS amplification](<http://thehackernews.com/search?q=DNS%20amplification>), where a DNS request is made to an open [DNS resolver](<http://thehackernews.com/search?q=DNS%20resolver>) with the source IP address forged so that it is the IP address of the targeted site to which the response is thus sent, but this new method uses HTTP rather than DNS.\n\n \n\n\nThe attack makes uses of a feature in the WordPress blogging platform called 'pingback', which allows the author of one blog to send a 'ping' to a post on another blog to notify the latter that it has been referenced. It turns out that most WordPress sites are susceptible to this abuse. Since this feature is enabled by default, and there is no protection mechanism within WordPress against it.\n\n \n\n\nThe Pingback mechanism has been known to be a security risk for some time. Late last year a [similar vulnerability](<http://thehackernews.com/2012/12/wordpress-pingback-vulnerability-serves.html>) was discovered that could turn third party blogs into a powerful port-scanning engine. The vulnerability ([CVE-2013-0235](<http://thehackernews.com/2012/12/wordpress-pingback-vulnerability-serves.html>)) was fixed in in Wordpress 3.5.1, by applying some filtering on allowed URLs.\n\n \n\n\nHowever, in this case the requests do not appear to be amplified, which means the attackers would have to be able to control a large [botnet](<http://thehackernews.com/search?q=botnet>) in order for such attacks to be successful. Incapsula also added that all website using Incapsula are protected from such abuse.\n", "modified": "2013-05-01T13:16:35", "published": "2013-05-01T02:16:00", "id": "THN:F155C0EB92B173820C2A906FB070B734", "href": "http://thehackernews.com/2013/05/millions-of-wordpress-sites-exploitable.html", "type": "thn", "title": "Millions of WordPress sites exploitable for DDoS Attacks using Pingback mechanism", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "metasploit": [{"lastseen": "2020-07-13T21:52:23", "description": "This module will scan for wordpress sites with the Pingback API enabled. By interfacing with the API an attacker can cause the wordpress site to port scan an external target and return results. Refer to the wordpress_pingback_portscanner module. This issue was fixed in wordpress 3.5.1\n", "published": "2013-01-05T01:44:40", "type": "metasploit", "title": "Wordpress Pingback Locator", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-0235"], "modified": "2018-07-12T22:34:52", "id": "MSF:AUXILIARY/SCANNER/HTTP/WORDPRESS_PINGBACK_ACCESS", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Auxiliary\n include Msf::Exploit::Remote::HTTP::Wordpress\n include Msf::Exploit::Remote::HttpClient\n include Msf::Auxiliary::Scanner\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Wordpress Pingback Locator',\n 'Description' => %q{\n This module will scan for wordpress sites with the Pingback\n API enabled. By interfacing with the API an attacker can cause\n the wordpress site to port scan an external target and return\n results. Refer to the wordpress_pingback_portscanner module.\n This issue was fixed in wordpress 3.5.1\n },\n 'Author' =>\n [\n 'Thomas McCarthy \"smilingraccoon\" <smilingraccoon[at]gmail.com>',\n 'Brandon McCann \"zeknox\" <bmccann[at]accuvant.com>' ,\n 'Christian Mehlmauer' # Original PoC\n ],\n 'License' => MSF_LICENSE,\n 'References' =>\n [\n [ 'CVE', '2013-0235' ],\n [ 'URL', 'http://www.securityfocus.com/archive/1/525045/30/30/threaded'],\n [ 'URL', 'http://www.ethicalhack3r.co.uk/security/introduction-to-the-wordpress-xml-rpc-api/'],\n [ 'URL', 'https://github.com/FireFart/WordpressPingbackPortScanner']\n ]\n ))\n\n register_options(\n [\n OptString.new('TARGETURI', [ true, 'The path to wordpress installation (e.g. /wordpress/)', '/'])\n ])\n\n register_advanced_options(\n [\n OptInt.new('NUM_REDIRECTS', [ true, \"Number of HTTP redirects to follow\", 10])\n ])\n end\n\n def setup()\n # Check if database is active\n if db()\n @db_active = true\n else\n @db_active = false\n end\n end\n\n def get_xml_rpc_url(ip)\n # code to find the xmlrpc url when passed in IP\n vprint_status(\"#{ip} - Enumerating XML-RPC URI...\")\n\n begin\n\n uri = target_uri.path\n uri << '/' if uri[-1,1] != '/'\n\n res = send_request_cgi(\n {\n 'method'\t=> 'HEAD',\n 'uri'\t\t=> \"#{uri}\"\n })\n # Check if X-Pingback exists and return value\n if res\n if res['X-Pingback']\n return res['X-Pingback']\n else\n vprint_status(\"#{ip} - X-Pingback header not found\")\n return nil\n end\n else\n return nil\n end\n rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout\n vprint_error(\"#{ip} - Unable to connect\")\n return nil\n end\n end\n\n # Creates the XML data to be sent\n def generate_pingback_xml(target, valid_blog_post)\n xml = \"<?xml version=\\\"1.0\\\" encoding=\\\"iso-8859-1\\\"?>\"\n xml << \"<methodCall>\"\n xml << \"<methodName>pingback.ping</methodName>\"\n xml << \"<params>\"\n xml << \"<param><value><string>#{target}</string></value></param>\"\n xml << \"<param><value><string>#{valid_blog_post}</string></value></param>\"\n xml << \"</params>\"\n xml << \"</methodCall>\"\n return xml\n end\n\n def get_blog_posts(xml_rpc, ip)\n # find all blog posts within IP and determine if pingback is enabled\n blog_posts = wordpress_get_all_blog_posts_via_feed(datastore['NUM_REDIRECTS'])\n blog_posts.each do |blog_post|\n pingback_response = get_pingback_request(xml_rpc, 'http://127.0.0.1', blog_post)\n if pingback_response\n pingback_disabled_match = pingback_response.body.match(/<value><int>33<\\/int><\\/value>/i)\n if pingback_response.code == 200 and pingback_disabled_match.nil?\n print_good(\"#{ip} - Pingback enabled: #{blog_post}\")\n return blog_post\n else\n vprint_status(\"#{ip} - Pingback disabled: #{blog_post}\")\n end\n end\n end\n\n return nil\n end\n\n # method to send xml-rpc requests\n def get_pingback_request(xml_rpc, target, blog_post)\n uri = xml_rpc.sub(/.*?#{target}/,\"\")\n # create xml pingback request\n pingback_xml = generate_pingback_xml(target, blog_post)\n\n # Send post request with crafted XML as data\n begin\n res = send_request_cgi({\n 'uri' => \"#{uri}\",\n 'method' => 'POST',\n 'data'\t => \"#{pingback_xml}\"\n })\n rescue ::Rex::ConnectionRefused, ::Rex::HostUnreachable, ::Rex::ConnectionTimeout\n vprint_error(\"Unable to connect to #{uri}\")\n return nil\n end\n return res\n end\n\n # Save data to vuln table\n def store_vuln(ip, blog)\n report_vuln(\n :host\t\t=> ip,\n :proto\t\t=> 'tcp',\n :port\t\t=> datastore['RPORT'],\n :name\t\t=> self.name,\n :info\t\t=> \"Module #{self.fullname} found pingback at #{blog}\",\n :sname\t\t=> datastore['SSL'] ? \"https\" : \"http\"\n )\n end\n\n # main control method\n def run_host(ip)\n unless wordpress_and_online?\n print_error(\"#{ip} does not seeem to be Wordpress site\")\n return\n end\n\n # call method to get xmlrpc url\n xmlrpc = get_xml_rpc_url(ip)\n\n # once xmlrpc url is found, get_blog_posts\n if xmlrpc.nil?\n print_error(\"#{ip} - It doesn't appear to be vulnerable\")\n else\n hash = get_blog_posts(xmlrpc, ip)\n\n if hash\n store_vuln(ip, hash) if @db_active\n else\n print_status(\"#{ip} - X-Pingback enabled but no vulnerable blogs found\")\n end\n end\n end\nend\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/wordpress_pingback_access.rb"}], "debian": [{"lastseen": "2020-11-11T13:20:24", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2718-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nJuly 01, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wordpress\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-2173 CVE-2013-2199 CVE-2013-2200 CVE-2013-2201 \n CVE-2013-2202 CVE-2013-2203 CVE-2013-2204 CVE-2013-2205\nDebian Bug : 713947\n\nSeveral vulnerabilities were identified in Wordpress, a web blogging\ntool. As the CVEs were allocated from releases announcements and\nspecific fixes are usually not identified, it has been decided to\nupgrade the Wordpress package to the latest upstream version instead of\nbackporting the patches.\n\nThis means extra care should be taken when upgrading, especially when\nusing third-party plugins or themes, since compatibility may have been\nimpacted along the way. We recommend that users check their install\nbefore doing the upgrade.\n\nCVE-2013-2173\n\n A denial of service was found in the way wordpress performs hash\n computation when checking password for protected posts. An attacker\n supplying carefully crafted input as a password could make the\n platform use excessive CPU usage\n\nCVE-2013-2199\n\n Multiple server-side requests forgery (SSRF) vulnerabilities were\n found in the HTTP API. This is related to CVE-2013-0235, which was\n specific to SSRF in pingback requests and was fixed in 3.5.1\n\nCVE-2013-2200\n\n Inadequate checking of a user's capabilities could lead to a\n privilege escalation, enabling them to publish posts when their\n user role should not allow for it and to assign posts to other\n authors\n\nCVE-2013-2201\n\n Multiple cross-side scripting (XSS) vulnerabilities due to badly\n escaped input were found in the media files and plugins upload forms\n\nCVE-2013-2202\n\n XML External Entity Injection (XXE) vulnerability via oEmbed\n responses\n\nCVE-2013-2203\n\n A Full path disclosure (FPD) was found in the file upload mechanism.\n If the upload directory is not writable, the error message returned\n includes the full directory path\n\nCVE-2013-2204\n\n Content spoofing via flash applet in the embedded tinyMCE media\n plugin\n\nCVE-2013-2205\n\n Cross-domain XSS in the embedded SWFupload uploader\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 3.5.2+dfsg-1~deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 3.5.2+dfsg-1~deb7u1.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 3.5.2+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.5.2+dfsg-1.\n\nWe recommend that you upgrade your wordpress packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2013-07-02T19:51:57", "published": "2013-07-02T19:51:57", "id": "DEBIAN:DSA-2718-1:8E980", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00128.html", "title": "[SECURITY] [DSA 2718-1] wordpress security update", "type": "debian", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "cvelist": ["CVE-2013-2173", "CVE-2013-2201", "CVE-2013-2199", "CVE-2013-2205", "CVE-2013-0235", "CVE-2013-2203", "CVE-2013-2202", "CVE-2013-2200", "CVE-2013-2204"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2718-1 security@debian.org\r\nhttp://www.debian.org/security/ Yves-Alexis Perez\r\nJuly 01, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : wordpress\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2013-2173 CVE-2013-2199 CVE-2013-2200 CVE-2013-2201 \r\n CVE-2013-2202 CVE-2013-2203 CVE-2013-2204 CVE-2013-2205\r\nDebian Bug : 713947\r\n\r\nSeveral vulnerabilities were identified in Wordpress, a web blogging\r\ntool. As the CVEs were allocated from releases announcements and\r\nspecific fixes are usually not identified, it has been decided to\r\nupgrade the Wordpress package to the latest upstream version instead of\r\nbackporting the patches.\r\n\r\nThis means extra care should be taken when upgrading, especially when\r\nusing third-party plugins or themes, since compatibility may have been\r\nimpacted along the way. We recommend that users check their install\r\nbefore doing the upgrade.\r\n\r\nCVE-2013-2173\r\n\r\n A denial of service was found in the way wordpress performs hash\r\n computation when checking password for protected posts. An attacker\r\n supplying carefully crafted input as a password could make the\r\n platform use excessive CPU usage\r\n\r\nCVE-2013-2199\r\n\r\n Multiple server-side requests forgery (SSRF) vulnerabilities were\r\n found in the HTTP API. This is related to CVE-2013-0235, which was\r\n specific to SSRF in pingback requests and was fixed in 3.5.1\r\n\r\nCVE-2013-2200\r\n\r\n Inadequate checking of a user's capabilities could lead to a\r\n privilege escalation, enabling them to publish posts when their\r\n user role should not allow for it and to assign posts to other\r\n authors\r\n\r\nCVE-2013-2201\r\n\r\n Multiple cross-side scripting (XSS) vulnerabilities due to badly\r\n escaped input were found in the media files and plugins upload forms\r\n\r\nCVE-2013-2202\r\n\r\n XML External Entity Injection (XXE) vulnerability via oEmbed\r\n responses\r\n\r\nCVE-2013-2203\r\n\r\n A Full path disclosure (FPD) was found in the file upload mechanism.\r\n If the upload directory is not writable, the error message returned\r\n includes the full directory path\r\n\r\nCVE-2013-2204\r\n\r\n Content spoofing via flash applet in the embedded tinyMCE media\r\n plugin\r\n\r\nCVE-2013-2205\r\n\r\n Cross-domain XSS in the embedded SWFupload uploader\r\n\r\nFor the oldstable distribution (squeeze), these problems have been fixed in\r\nversion 3.5.2+dfsg-1~deb6u1.\r\n\r\nFor the stable distribution (wheezy), these problems have been fixed in\r\nversion 3.5.2+dfsg-1~deb7u1.\r\n\r\nFor the testing distribution (jessie), these problems have been fixed in\r\nversion 3.5.2+dfsg-1.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 3.5.2+dfsg-1.\r\n\r\nWe recommend that you upgrade your wordpress packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.20 (GNU/Linux)\r\n\r\niQEcBAEBCgAGBQJR0y8CAAoJEG3bU/KmdcClIFwH/R0n5bxsMTIoNlVpZKZwY3/T\r\nLMZmw1L7qMV1a32mj4xHRcpAFrHsvSy/aPOedh/9cFGyJ9GJ9UywDlmc/sJjgsHa\r\nq4BaxsMEiwF+r5k3oEDstrlvE487BzVITOPX3+yYazY0wDuGINSQbdWAIUOf0HqH\r\nAXx+0YII3M4Ct1W/p/L7LcLXj0m3i1OsbCCPqXaSKvIIhVCLkJIrrU40ejPQop3K\r\n9i689xDmJ71QuqprxzhYIWX42Vnm8D1S1Cd4kcXyIVqrfE+WnUWqLkmp2tt00eYQ\r\nbtRhHZm5qO1EPH5jSLtFpXYl0IhWUq7w3DSlvvPed+6rPz+PGgCZbDoKQ3PruWI=\r\n=Pm8a\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2013-07-08T00:00:00", "published": "2013-07-08T00:00:00", "id": "SECURITYVULNS:DOC:29527", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29527", "title": "[SECURITY] [DSA 2718-1] wordpress security update", "type": "securityvulns", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}]}
