Lucene search
N/APATCHSTACK:53304F296501BADED5976969EA86B2AEHistoryAug 04, 2015 - 12:00 a.m.
WordPress Legacy Theme <= 4.2.3 - XSS
2015-08-0400:00:00
N/A
patchstack.com
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
This vulnerability exists in the Legacy theme preview implementation in wp-includes/theme.php. It allows an attacker to inject arbitrary HTML or web script via a crafted string.
Solution
Update the theme.
Related
cve
cve
CVE-2015-5734
2015-11-09 11:59:00
veracode
veracode
Cross-Site Scripting (XSS)
2017-07-28 03:59:27
wpvulndb
wpvulndb
WordPress <= 4.2.3 - Legacy Theme Preview Cross-Site Scripting (XSS)
2015-08-05 00:00:00
debiancve
debiancve
CVE-2015-5734
2015-11-09 11:59:00
ubuntucve
ubuntucve
CVE-2015-5734
2015-11-09 00:00:00
prion
prion
Cross site scripting
2015-11-09 11:59:00
fedora
fedora
[SECURITY] Fedora 23 Update: wordpress-4.2.4-1.fc23
2015-08-10 10:04:17
[SECURITY] Fedora 22 Update: wordpress-4.2.4-1.fc22
2015-08-13 16:57:53
[SECURITY] Fedora 21 Update: wordpress-4.2.4-1.fc21
2015-08-13 16:54:48
nessus
nessus
Debian DLA-294-1 : wordpress security update
2015-08-20 00:00:00
WordPress < 4.2.4 Multiple Vulnerabilities
2015-12-17 00:00:00
Fedora 23 : wordpress-4.2.4-1.fc23 (2015-12750)
2015-08-11 00:00:00
debian
debian
[SECURITY] [DLA 294-1] wordpress security update
2015-08-19 12:58:59
[SECURITY] [DSA 3332-1] wordpress security update
2015-08-11 19:55:16
[SECURITY] [DSA 3383-1] wordpress security update
2015-10-29 20:02:31
openvas
openvas
Debian: Security Advisory (DLA-294-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3332-1)
2015-08-10 00:00:00
WordPress Multiple Vulnerabilities-01 (Dec 2015) - Windows
2015-12-15 00:00:00
osv
osv
wordpress - security update
2015-08-19 00:00:00
wordpress - regression update
2015-08-11 00:00:00
wordpress - security update
2015-08-11 00:00:00
archlinux
archlinux
wordpress: multiple issues
2015-08-07 00:00:00
freebsd
freebsd
wordpress -- Multiple vulnerability
2015-08-04 00:00:00
mageia
mageia
Updated wordpress package fixes security vulnerability
2015-08-10 17:31:41
securityvulns
securityvulns
[SECURITY] [DSA 3332-1] wordpress security update
2015-08-24 00:00:00
WiFi Pineapple protection bypass
2015-08-24 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for PATCHSTACK:53304F296501BADED5976969EA86B2AE