[SECURITY] [DSA 3681-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3681-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez September 29, 2016 https://www.debian.org/security/faq -...

Debian DLA-633-1 : wordpress security update

Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2015-8834: Cross-site scripting XSS vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject...

[SECURITY] [DLA 633-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb7u12 CVE ID : CVE-2015-8834 CVE-2016-4029 CVE-2016-5836 CVE-2016-6634 CVE-2016-6635 CVE-2016-7168 CVE-2016-7169 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the...

UBUNTU-CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

CVE-2016-4029

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address...

CVE-2016-4029

WordPress before 4.5 is vulnerable to SSRF bypass because it does not recognize octal/hex IP formats when determining intranet addresses, allowing remote attackers to bypass the SSRF protection mechanism via a crafted address. Affected software: WordPress core; root cause: IP parsing/validation g...