Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.28 views

WordPress 3.8.x < 3.8.21 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A DOM-based cross-site scripting XSS vulnerability exists in the uploadSizeError function within file wp-includes/js/plupload/handlers.js when handling overly large file...

8.8CVSS7.9AI score0.04079EPSS
Exploits0References8
Debian
Debian
added 2017/06/02 12:47 p.m.39 views

[SECURITY] [DLA 975-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb7u15 CVE ID : CVE-2017-8295 CVE-2017-9061 CVE-2017-9062 CVE-2017-9063 CVE-2017-9064 CVE-2017-9065 Debian Bug : 862053 862816 Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project...

8.8CVSS9AI score0.26699EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2017/06/01 12:0 a.m.56 views

Debian DSA-3870-1 : wordpress - security update

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

8.8CVSS6.9AI score0.26699EPSS
Exploits7References10
Tenable Nessus
Tenable Nessus
added 2017/05/23 12:0 a.m.31 views

WordPress < 4.7.5 Multiple Vulnerabilities

Binary data 700121.prm...

8.6CVSS7.6AI score0.04079EPSS
Exploits0References7
CVE
CVE
added 2017/05/18 2:0 p.m.156 views

CVE-2017-9061

CVE-2017-9061 is an XSS vulnerability in WordPress before 4.7.5 related to very large file uploads. The root cause is improper restriction of the filename in error messages returned during upload handling, enabling DOM-based script injection. Affected software: WordPress prior to 4.7.5 (WordPress...

6.1CVSS6.4AI score0.01925EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2017/05/18 2:0 p.m.21 views

CVE-2017-9061

In WordPress before 4.7.5, a cross-site scripting XSS vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename...

6.1CVSS1.1AI score0.01925EPSS
Exploits0
Rows per page
Query Builder