14 matches found
Mageia: Security Advisory (MGASA-2013-0285)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for wordpress FEDORA-2014-15526
Check the version of wordpress SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868539";...
Fedora Update for wordpress FEDORA-2014-9270
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for wordpress FEDORA-2014-5028
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for wordpress FEDORA-2013-16895
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : wordpress-3.6.1-1.fc19 (2013-16925)
Fixes security issues for CVE-2013-4338 CVE-2013-4339 CVE-2013-4340 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Mandriva Linux Security Advisory : wordpress (MDVSA-2013:239)
Updated wordpress and php-phpmailer packages fix security vulnerabilities : wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations...
Updated wordpress and php-phpmailer packages fix security vulnerabilities
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations CVE-2013-4338. WordPress before 3.6.1 does not properly validate URLs before...
Debian DSA-2757-1 : wordpress - several vulnerabilities
Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches...
[SECURITY] [DSA 2757-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2757-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 14, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2757-1 (wordpress - several vulnerabilities)
Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches...
DSA-2757-1 wordpress - several
Bulletin has no description...
CVE-2013-4339
WordPress vulnerability CVE-2013-4339 affects WordPress before 3.6.1, where URL validation is insufficient for HTTP redirects, allowing a crafted URL to bypass redirect restrictions. This is a remote issue with a CVSSv2 base score of 7.5 (HIGH) due to network access, low attack complexity, and no...
CVE-2013-4339
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string...