9 matches found
[SECURITY] [DSA 4090-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4090-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4090-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4090-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 17, 2018 https://www.debian.org/security/faq -...
Debian DLA-1216-1 : wordpress security update
Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2017-17091 wp-admin/user-new.php in WordPress sets the newbloguser key to a string that can be directly derived from the user ID, which...
[SECURITY] [DLA 1216-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u20 CVE ID : CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094 Debian Bug : 883314 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues...
WordPress < 4.9.1 Multiple Vulnerabilities
According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.1. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid105004; scriptversion"1.13";...
WordPress < 4.9.1 Multiple Vulnerabilities - Linux
WordPress prior to 4.9.1 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress < 4.9.1 Multiple Vulnerabilities - Windows
WordPress prior to 4.9.1 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-17091
CVE-2017-17091 affects WordPress applications prior to 4.9.1. The issue is in wp-admin/user-new.php where the newbloguser value is derived from the user ID, allowing remote attackers to bypass access restrictions by entering that string. Evidence from multiple sources (WordPress 4.9.1 security re...
CVE-2017-17091
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string...