6 matches found
WordPress Theme Medic 1.0.0 Weak Password Recovery Mechanism
Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...
WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password
Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...
Debian: Security Advisory (DLA-2208-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2208-1] wordpress security update
Package : wordpress Version : 4.1.30+dfsg-0+deb8u1 CVE ID : CVE-2020-11026 CVE-2020-11027 CVE-2020-11028 CVE-2020-11029 Debian Bug : 959391 Multiple CVEs were discovered in the src:wordpress package. CVE-2020-11026 Files with a specially crafted name when uploaded to the Media section can lead to...
CVE-2020-11027 Password reset links invalidation issue in WordPress
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously...
CVE-2020-11027
CVE-2020-11027 affects WordPress: password reset tokens fail to invalidate after password changes, enabling an attacker with email access to impersonate a user. Affected versions include 3.x through 5.3.x; patch released in WordPress 5.4.1 (and 5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.x, 3.x as listed). Con...