CVE-2012-3415

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2401. Reason: This candidate is a duplicate of CVE-2012-2401. Notes: All CVE users should reference CVE-2012-2401 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

Fedora Update for wordpress FEDORA-2012-6494

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 17 : wordpress-3.3.2-2.fc17 (2012-6494)

Uploading files related security issues were addressed by the upstream upgrade. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora Update for wordpress FEDORA-2012-6511

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 16 : wordpress-3.3.2-2.fc16 (2012-6542)

Uploading files related security issues were addressed by the upstream upgrade. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 15 : wordpress-3.3.2-2.fc15 (2012-6511)

Uploading files related security issues were addressed by the upstream upgrade. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

FreeBSD : wordpress -- multiple vulnerabilities (b384cc5b-8d56-11e1-8d7b-003067b2972c)

Wordpress reports : External code has been updated to non-vulnerable versions. In addition the following bugs have been fixed : - Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances. -...

CVE-2012-2401

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...

CVE-2012-2401

CVE-2012-2401 affects WordPress before 3.3.2 via Plupload 1.5.3 and related components, where SWF content loaded from any domain could bypass Same Origin Policy, enabling cross-site scripting/credential risks as described in the vulnerability entry. Root cause: improper origin checks in Plupload ...