Lucene search
PRIOn knowledge basePRION:CVE-2014-5240HistoryAug 18, 2014 - 11:15 a.m.
Cross site scripting
2014-08-1811:15:00
PRIOn knowledge base
www.prio-n.com
5
Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL.
Related
patchstack
patchstack
WordPress <= 3.9.1 - XSS
2014-08-14 00:00:00
debiancve
debiancve
CVE-2014-5240
2014-08-18 11:15:27
cve
cve
CVE-2014-5240
2014-08-18 11:15:27
ubuntucve
ubuntucve
CVE-2014-5240
2014-08-18 00:00:00
wpvulndb
wpvulndb
WordPress 3.0 - 3.9.1 Authenticated Cross-Site Scripting (XSS) in Multisite
2014-09-16 18:15:20
cvelist
cvelist
CVE-2014-5240
2014-08-18 10:00:00
nvd
nvd
CVE-2014-5240
2014-08-18 11:15:27
nessus
nessus
Debian DSA-3001-1 : wordpress - security update
2014-08-10 00:00:00
Fedora 20 : wordpress-3.9.2-3.fc20 (2014-9264)
2014-08-22 00:00:00
Debian DLA-56-1 : wordpress security update
2015-03-26 00:00:00
osv
osv
wordpress - security update
2014-08-09 00:00:00
wordpress - security update
2014-09-17 00:00:00
openvas
openvas
Debian Security Advisory DSA 3001-1 (wordpress - security update)
2014-08-09 00:00:00
Debian: Security Advisory (DSA-3001-1)
2014-08-08 00:00:00
Debian: Security Advisory (DLA-56-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DLA 56-1] wordpress security update
2014-09-17 12:05:46