10 matches found
WordPress 3.8.x < 3.8.21 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A DOM-based cross-site scripting XSS vulnerability exists in the uploadSizeError function within file wp-includes/js/plupload/handlers.js when handling overly large file...
[SECURITY] [DSA 4090-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4090-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4090-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4090-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 17, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DLA 1075-1] wordpress security update
Package : wordpress Version : 3.6.1+dfsg-1deb7u16 CVE ID : CVE-2017-9066 Debian Bug : 862816 In WordPress, there is insufficient redirect validation in the HTTP class, leading to SSRF. For Debian 7 "Wheezy", these problems have been fixed in version 3.6.1+dfsg-1deb7u16. We recommend that you...
WordPress < 4.7.5 Multiple Vulnerabilities
Binary data 700121.prm...
CVE-2017-9066
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF...
CVE-2017-9066
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF...
CVE-2017-9066
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF...
CVE-2017-9066
CVE-2017-9066 affects WordPress prior to 4.7.5. The issue is insufficient redirect validation in the WordPress HTTP class WP_Http::request(), enabling SSRF via crafted redirects. Impact is described as HIGH for integrity/availability in CVSS terms, with exploitation possible over network and no u...
CVE-2017-9066
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF...