Lucene search
K

13 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.16 views

CVE-2013-0235

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wordpresspingbackaccess.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:12+00:00|...

6.4CVSS6AI score0.28857EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2016/02/26 12:0 a.m.34 views

WordPress < 3.5.1 Multiple Vulnerabilities

Binary data 9095.prm...

6.4CVSS6.7AI score0.28857EPSS
Exploits5References7
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.32 views

Fedora Update for wordpress FEDORA-2013-16895

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.28857EPSS
Exploits14References2
Prion
Prion
added 2013/07/08 8:55 p.m.35 views

Server side request forgery (ssrf)

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

4.3CVSS7.3AI score0.28857EPSS
Exploits3References4Affected Software1
OSV
OSV
added 2013/07/08 8:55 p.m.11 views

CVE-2013-0235

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery SSRF issue...

6.7AI score
Exploits0References6
CVE
CVE
added 2013/07/08 8:0 p.m.129 views

CVE-2013-0235

CVE-2013-0235 affects WordPress via the XMLRPC API (WordPress prior to 3.5.1). The vulnerability allows a remote attacker to craft a pingback source URL to trigger SRRF-like behavior, enabling the attacker to make the targeted server issue HTTP requests to intranet/internal hosts and perform port...

6.4CVSS6.7AI score0.28857EPSS
Exploits3References5Affected Software1
Debian CVE
Debian CVE
added 2013/07/08 8:0 p.m.44 views

CVE-2013-2199

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery SSRF issue, a similar vulnerability to CVE-2013-0235...

4.3CVSS5.3AI score0.02044EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/07/05 12:0 a.m.36 views

Fedora Update for wordpress FEDORA-2013-11630

Check for the Version of wordpress OpenVAS Vulnerability Test Fedora Update for wordpress FEDORA-2013-11630 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

6.4CVSS0.2AI score0.28857EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2013/07/05 12:0 a.m.43 views

Fedora Update for wordpress FEDORA-2013-11630

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS7AI score0.28857EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2013/02/11 12:0 a.m.34 views

Fedora Update for wordpress FEDORA-2013-1692

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.4CVSS6.8AI score0.28857EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2013/02/11 12:0 a.m.39 views

Fedora Update for wordpress FEDORA-2013-1774

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.4CVSS6.7AI score0.28857EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2013/02/04 12:0 a.m.1017 views

WordPress 'xmlrpc.php' pingback.ping Server-Side Request Forgery

The WordPress install hosted on the remote web server is affected by a server-side request forgery vulnerability because the 'pingback.ping' method used in 'xmlrpc.php' fails to properly validate source URIs Uniform Resource Identifiers. A remote, unauthenticated attacker can exploit this issue t...

6.4CVSS5.9AI score0.28857EPSS
Exploits3References6
Metasploit
Metasploit
added 2013/01/05 1:44 a.m.76 views

Wordpress Pingback Locator

This module will scan for wordpress sites with the Pingback API enabled. By interfacing with the API an attacker can cause the wordpress site to port scan an external target and return results. Refer to the wordpresspingbackportscanner module. This issue was fixed in wordpress 3.5.1 This module...

6.4CVSS7.1AI score0.28857EPSS
Exploits3
Rows per page
Query Builder