Lucene search
K

6 matches found

Debian
Debian
added 2019/03/01 7:3 a.m.195 views

[SECURITY] [DSA 4401-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4401-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2019 https://www.debian.org/security/faq -...

9.8CVSS8AI score0.82736EPSS
Exploits8
Debian
Debian
added 2019/03/01 7:3 a.m.42 views

[SECURITY] [DSA 4401-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4401-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2019 https://www.debian.org/security/faq -...

7.5CVSS0.4AI score0.82736EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2019/02/12 12:0 a.m.33 views

Debian DLA-1673-1 : wordpress security update

CVE-2018-20147 Authors could modify metadata to bypass intended restrictions on deleting files. CVE-2018-20148 Contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the...

9.8CVSS6.7AI score0.30887EPSS
Exploits1References9
Debian
Debian
added 2019/02/11 11:24 p.m.86 views

[SECURITY] [DLA 1673-1] wordpress security update

Package : wordpress Version : 4.1.25+dfsg-1+deb8u1 CVE ID : CVE-2018-20147 CVE-2018-20148 CVE-2018-20149 CVE-2018-20150 CVE-2018-20151 CVE-2018-20152 CVE-2018-20153 Debian Bug : 916403 CVE-2018-20147 Authors could modify metadata to bypass intended restrictions on deleting files. CVE-2018-20148...

9.8CVSS7.4AI score0.30887EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/12/17 12:0 a.m.54 views

WordPress Multiple Vulnerabilities (Dec 2018) - Windows

WordPress is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.4AI score0.30887EPSS
Exploits1References2
CVE
CVE
added 2018/12/14 8:0 p.m.721 views

CVE-2018-20148

CVE-2018-20148 affects WordPress versions prior to 4.9.9 and 5.x prior to 5.0.1. The issue stems from mishandling of serialized data at phar:// URLs in wp-includes/post.php: wp_get_attachment_thumb_file can mishandle metadata and lead to PHP object injection via crafted wp.getMediaItem XMLRPC cal...

9.8CVSS9.3AI score0.30887EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder