294 matches found
WordPress 信息泄露漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in Wordpress CMS that originates from being used ...
PT-2021-4051 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.7.1 Description: The issue is related to the exposure of information in WordPress, a content management system. It involves the exploitation of a block in the WordPress editor, which can expose password-protected...
Information Disclosure
johnpbloch/wordpress-core is vulnerable to information disclosure. The vulnerability exists in the getcommentexcerpt function in comment-template.php because the comments from password-protected non-public posts and pages are not restricted from viewing under certain conditions...
WordPress 4.9.x < 4.9.15 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exist in the block editor. - A cross-site scripting XSS vulnerability exist in media files. - An open redirect vulnerability exist...
WordPress 4.7.x < 4.7.18 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exist in the block editor. - A cross-site scripting XSS vulnerability exist in media files. - An open redirect vulnerability exist...
WordPress 4.4.x < 4.4.23 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exist in the block editor. - A cross-site scripting XSS vulnerability exist in media files. - An open redirect vulnerability exist...
WordPress 4.3.x < 4.3.24 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exist in the block editor. - A cross-site scripting XSS vulnerability exist in media files. - An open redirect vulnerability exist...
WordPress 4.0.x < 4.0.31 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exist in the block editor. - A cross-site scripting XSS vulnerability exist in media files. - An open redirect vulnerability exist...
Fedora 32 : wordpress (2020-8447a3e195)
WordPress 5.4.2 Security and Maintenance Release This security and maintenance release features 23 fixes and enhancements. Plus, it adds a number of security fixessee the list below. These bugs affect WordPress versions 5.4.1 and earlier; version 5.4.2 fixes them, so youll want to upgrade. Securi...
WordPress Mobile Pack Plugin Information Disclosure Vulnerability
WordPress Mobile Pack Plugin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2014-5337
The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote attackers to obtain sensitive information via an exportarticles action to export/content.php...
Fedora 18 : wordpress-3.5.2-1.fc18 (2013-11630)
WordPress 3.5.2 is now available. This is the second maintenance release of 3.5, fixing 12 bugs. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. The WordPress security team resolved seven security issues, and this release also...
DEBIAN-CVE-2013-2173
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service CPU consumption via a crafted value of a certain wp-postpass cookie...
UBUNTU-CVE-2013-2173
wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service CPU consumption via a crafted value of a certain wp-postpass cookie...