Debian: Security Advisory (DLA-1151-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1151-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb7u17 CVE ID : CVE-2016-9263 CVE-2017-14718 CVE-2017-14719 CVE-2017-14720 CVE-2017-14721 CVE-2017-14722 CVE-2017-14723 CVE-2017-14725 CVE-2017-14990 Debian Bug : 876274 877629 Several vulnerabilities were discovered in wordpress, a web blogging tool. Th...

CVE-2016-9263

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection XSF attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file...

CVE-2016-9263

CVE-2016-9263 affects WordPress; the issue arises when domain-based flashmediaelement.swf sandboxing is not used, enabling remote cross-domain Flash injection (XSF) via code in wp-includes/js/mediaelement/flashmediaelement.swf. Connected documents confirm WordPress-related vulnerabilities of this...