8 matches found
WordPress 4.7.x < 4.7.3 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the wpplaylistshortcode function within the /wp-includes/media.php script due to a failure to validate input passed via...
Debian: Security Advisory (DLA-860-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3815-1 : wordpress - security update
Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to delete unintended files, mount Cross-Site Scripting attacks, or bypass redirect URL validation mechanisms. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
[SECURITY] [DSA 3815-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3815-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 23, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3815-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 860-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u14 CVE ID : CVE-2017-6814 CVE-2017-6815 CVE-2017-6816 Debian Bug : 857026 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2017-6814...
CVE-2017-6815
In WordPress before 4.7.3 wp-includes/pluggable.php, control characters can trick redirect URL validation...
CVE-2017-6815
WordPress before 4.7.3 (wp-includes/pluggable.php) is affected by CVE-2017-6815. The vulnerability arises from a control-character input that bypasses redirect URL validation, allowing an unauthenticated, remote attacker to craft a link that redirects a user to an arbitrary site. A fix is availab...