Lucene search
K

9 matches found

Debian
Debian
added 2014/09/17 12:5 p.m.37 views

[SECURITY] [DLA 56-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb6u5 CVE ID : CVE-2014-2053 CVE-2014-5204 CVE-2014-5205 CVE-2014-5240 CVE-2014-5265 CVE-2014-5266 Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information...

7.5CVSS7.2AI score0.24385EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/08/23 12:0 a.m.34 views

Fedora Update for wordpress FEDORA-2014-9270

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9AI score0.24385EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2014/08/22 12:0 a.m.41 views

Fedora 20 : wordpress-3.9.2-3.fc20 (2014-9264)

Upstream announcement: http://wordpress.org/news/2014/08/wordpress-3-9-2/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS5.3AI score0.24385EPSS
Exploits3References10
OpenVAS
OpenVAS
added 2014/08/22 12:0 a.m.43 views

Fedora Update for wordpress FEDORA-2014-9264

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.24385EPSS
Exploits3References2
OSV
OSV
added 2014/08/18 11:15 a.m.2 views

DEBIAN-CVE-2014-5204

wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce are incorrect, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack...

6.8CVSS6.8AI score0.0185EPSS
Exploits0References1
OSV
OSV
added 2014/08/18 11:15 a.m.7 views

CVE-2014-5204

wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce are incorrect, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack...

6.4AI score
Exploits0References5
OSV
OSV
added 2014/08/18 11:15 a.m.5 views

UBUNTU-CVE-2014-5204

wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce are incorrect, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack...

6.8CVSS5.8AI score0.0185EPSS
Exploits0References3
CVE
CVE
added 2014/08/18 10:0 a.m.94 views

CVE-2014-5204

In WordPress, CVE-2014-5204 affects wp-includes/pluggable.php prior to 3.9.2, where invalid CSRF nonces are rejected with a timing difference depending on which characters are incorrect. This timing discrepancy enables remote attackers to brute-force nonces and bypass CSRF protection. The issue i...

6.8CVSS6.5AI score0.0185EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/08/10 12:0 a.m.39 views

Debian DSA-3001-1 : wordpress - security update

Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/. %NASLMINLEVEL 70300 C Tenable Network Security,...

7.5CVSS8.1AI score0.24385EPSS
Exploits4References9
Rows per page
Query Builder