Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-20153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS. CVE-2018-201...

5.4CVSS7.1AI score0.02466EPSS
Exploits0References2
Debian
Debian
added 2019/03/01 7:3 a.m.195 views

[SECURITY] [DSA 4401-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4401-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2019 https://www.debian.org/security/faq -...

9.8CVSS8AI score0.82736EPSS
Exploits8
Debian
Debian
added 2019/03/01 7:3 a.m.42 views

[SECURITY] [DSA 4401-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4401-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 01, 2019 https://www.debian.org/security/faq -...

7.5CVSS0.4AI score0.82736EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2019/02/12 12:0 a.m.33 views

Debian DLA-1673-1 : wordpress security update

CVE-2018-20147 Authors could modify metadata to bypass intended restrictions on deleting files. CVE-2018-20148 Contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the...

9.8CVSS6.7AI score0.30887EPSS
Exploits1References9
Debian
Debian
added 2019/02/11 11:24 p.m.86 views

[SECURITY] [DLA 1673-1] wordpress security update

Package : wordpress Version : 4.1.25+dfsg-1+deb8u1 CVE ID : CVE-2018-20147 CVE-2018-20148 CVE-2018-20149 CVE-2018-20150 CVE-2018-20151 CVE-2018-20152 CVE-2018-20153 Debian Bug : 916403 CVE-2018-20147 Authors could modify metadata to bypass intended restrictions on deleting files. CVE-2018-20148...

9.8CVSS7.4AI score0.30887EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/12/17 12:0 a.m.54 views

WordPress Multiple Vulnerabilities (Dec 2018) - Windows

WordPress is prone to multiple vulnerabilities. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS6.4AI score0.30887EPSS
Exploits1References2
CVE
CVE
added 2018/12/14 8:0 p.m.196 views

CVE-2018-20153

CVE-2018-20153 affects WordPress versions before 4.9.9 and 5.x before 5.0.1, where contributors could modify new comments made by users with higher privileges, potentially enabling XSS. Mitigations exist in WordPress 4.9.9+ and 5.0.1+, as referenced in Debian security advisories (DSA-4401-1) and ...

5.4CVSS7.1AI score0.02466EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder