10 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-17093
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to...
[SECURITY] [DSA 4090-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4090-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4090-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4090-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 17, 2018 https://www.debian.org/security/faq -...
Debian DLA-1216-1 : wordpress security update
Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2017-17091 wp-admin/user-new.php in WordPress sets the newbloguser key to a string that can be directly derived from the user ID, which...
[SECURITY] [DLA 1216-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u20 CVE ID : CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094 Debian Bug : 883314 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues...
WordPress < 4.9.1 Multiple Vulnerabilities - Linux
WordPress prior to 4.9.1 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress < 4.9.1 Multiple Vulnerabilities - Windows
WordPress prior to 4.9.1 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress < 4.9.1 Multiple Vulnerabilities
According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.9.1. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid105004; scriptversion"1.13";...
CVE-2017-17093
wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site...
CVE-2017-17093
CVE-2017-17093 affects WordPress prior to 4.9.1, specifically wp-includes/general-template.php where the lang attribute of an HTML element is not properly restricted. This design flaw can enable cross-site scripting (XSS) via the site language setting. The vulnerability is addressed by WordPress ...