6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
In the Debian squeeze-lts version of Wordpress, multiple security issues
have been fixed:
Remote attackers couldβ¦
β¦ upload files with invalid or unsafe names
β¦ mount social engineering attacks
β¦ compromise a site via cross-site scripting
β¦ inject SQL commands
β¦ cause denial of service or information disclosure
CVE-2014-9031
Jouko Pynnonen discovered an unauthenticated cross site scripting
vulnerability (XSS) in wptexturize(), exploitable via comments or
posts.
CVE-2014-9033
Cross site request forgery (CSRF) vulnerability in the password
changing process, which could be used by an attacker to trick an user
into changing her password.
CVE-2014-9034
Javier Nieto Arevalo and Andres Rojas Guerrero reported a potential
denial of service in the way the phpass library is used to handle
passwords, since no maximum password length was set.
CVE-2014-9035
John Blackbourn reported an XSS in the Press This function (used
for quick publishing using a browser bookmarklet).
CVE-2014-9036
Robert Chapin reported an XSS in the HTML filtering of CSS in posts.
CVE-2014-9037
David Anderson reported a hash comparison vulnerability for passwords
stored using the old-style MD5 scheme. While unlikely, this could be
exploited to compromise an account, if the user had not logged in
after a Wordpress 2.5 update (uploaded to Debian on 2 Apr, 2008) and
the password MD5 hash could be collided with due to PHP dynamic
comparison.
CVE-2014-9038
Ben Bidner reported a server side request forgery (SSRF) in the core
HTTP layer which unsufficiently blocked the loopback IP address
space.
CVE-2014-9039
Momen Bassel, Tanoy Bose, and Bojan Slavkovic reported a
vulnerability in the password reset process: an email address change
would not invalidate a previous password reset email.
CVE-2015-3438
Cedric Van Bockhaven reported and Gary Pendergast, Mike Adams, and Andrew Nacin of the
WordPress security team fixed a cross-site-scripting vulnerabilitity, which could enable anonymous users
to compromise a site.
CVE-2015-3439
Jakub Zoczek discovered a very limited cross-site scripting
vulnerability, that could be used as part of a social engineering
attack.
CVE-2015-3440
Jouko PynnΔΕnen discovered a cross-site scripting vulnerability,
which could enable commenters to compromise a site.