3 matches found
WordPress < 4.9 Multiple Vulnerabilities
WordPress is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
WordPress 4.3.x < 4.3.13 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
Cross-domain Flash Injection (XSF)
WordPress is vulnerable to cross-domain flash injection XSF attacks. The attack can be triggered via the code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file. The vulnerability is possible only when domain-based flashmediaelement.swf sandboxing is not used...