Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.32 views

WordPress 4.7.x < 4.7.3 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the wpplaylistshortcode function within the /wp-includes/media.php script due to a failure to validate input passed via...

6.5CVSS6.4AI score0.03124EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2017/03/24 12:0 a.m.48 views

Debian DSA-3815-1 : wordpress - security update

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to delete unintended files, mount Cross-Site Scripting attacks, or bypass redirect URL validation mechanisms. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

6.1CVSS5.8AI score0.03124EPSS
Exploits1References7
Debian
Debian
added 2017/03/23 7:56 a.m.18 views

[SECURITY] [DSA 3815-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3815-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 23, 2017 https://www.debian.org/security/faq -...

5.8CVSS2.3AI score0.03124EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/03/22 12:0 a.m.24 views

Debian: Security Advisory (DSA-3815-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.5AI score0.03124EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2017/03/12 1:0 a.m.23 views

CVE-2017-6817

In WordPress before 4.7.3 wp-includes/embed.php, there is authenticated Cross-Site Scripting XSS in YouTube URL Embeds...

5.4CVSS1.9AI score0.02094EPSS
Exploits0
CVE
CVE
added 2017/03/12 1:0 a.m.249 views

CVE-2017-6817

CVE-2017-6817 affects WordPress versions before 4.7.3, where authenticated XSS is possible via YouTube URL embeds in wp-includes/embed.php. The CVSS metrics in the record indicate a Medium severity (CVSS‑3 base 5.4). Remediation is to upgrade to WordPress 4.7.3 or later (as noted in the WordPress...

5.4CVSS5.4AI score0.02094EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder