Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2017/02/03 12:0 a.m.30 views

Debian Security Advisory DSA 3779-1 (wordpress - security update)

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to hijack victims OpenVAS Vulnerability Test $Id: deb3779.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3779-1 using nvtgen 1.0 Script version: 1.0 Author:...

7.5CVSS0.3AI score0.09933EPSS
Exploits0References1
Debian
Debian
added 2017/02/01 8:2 a.m.39 views

[SECURITY] [DLA 813-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb7u13 CVE ID : CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 Debian Bug : 851310 852767 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common...

9.8CVSS9.7AI score0.09933EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/17 12:0 a.m.32 views

WordPress < 4.7.1 Multiple Vulnerabilities

Binary data 9894.prm...

8.8CVSS7.4AI score0.87299EPSS
Exploits7References8
OSV
OSV
added 2017/01/15 2:59 a.m.28 views

CVE-2017-5492

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

8.8CVSS7.2AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2017/01/15 2:59 a.m.54 views

CVE-2017-5492

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

8.8CVSS7.2AI score0.0193EPSS
Exploits0References7
CVE
CVE
added 2017/01/15 2:0 a.m.210 views

CVE-2017-5492

CVE-2017-5492 is a CSRF/vulnerability in WordPress 4.x where the widget-editing accessibility-mode feature could be abused to hijack a user’s authenticated session via actions in widgets (related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php). Affected versions before 4.7.1 ar...

8.8CVSS7.4AI score0.0193EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2017/01/15 2:0 a.m.29 views

CVE-2017-5492

Cross-site request forgery CSRF vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php...

8.8CVSS9.1AI score0.0193EPSS
Exploits0
ArchLinux
ArchLinux
added 2017/01/15 12:0 a.m.55 views

[ASA-201701-22] wordpress: multiple issues

Arch Linux Security Advisory ASA-201701-22 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-10033 CVE-2016-10045 CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 Package : wordpress Type : multiple issue...

9.8CVSS2.2AI score0.99714EPSS
Exploits66References22
Rows per page
Query Builder