9 matches found
Debian Security Advisory DSA 3779-1 (wordpress - security update)
Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to hijack victims OpenVAS Vulnerability Test $Id: deb3779.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from advisory DSA 3779-1 using nvtgen 1.0 Script version: 1.0 Author:...
[SECURITY] [DLA 813-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u13 CVE ID : CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612 Debian Bug : 851310 852767 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common...
WordPress < 4.7.1 Multiple Vulnerabilities
Binary data 9894.prm...
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted 1 site signup or 2 user signup...
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted 1 site signup or 2 user signup...
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted 1 site signup or 2 user signup...
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted 1 site signup or 2 user signup...
CVE-2017-5493
The CVE-2017-5493 issue affects WordPress multisite activation keys in wp-includes/ms-functions.php. The root cause is weak randomness when generating multisite activation keys, which can let an unauthenticated remote attacker bypass access restrictions during (1) site signup or (2) user signup. ...
[ASA-201701-22] wordpress: multiple issues
Arch Linux Security Advisory ASA-201701-22 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-10033 CVE-2016-10045 CVE-2017-5487 CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 Package : wordpress Type : multiple issue...