2 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-14990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress 4.8.2 stores cleartext wpsignups.activationkey values but stores the analogous wpusers.useractivationkey values as hashes, which might make it easier...
DEBIAN-CVE-2017-14990
WordPress 4.8.2 stores cleartext wpsignups.activationkey values but stores the analogous wpusers.useractivationkey values as hashes, which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access such as access gained through an unspecified...