10 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-28035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC. CVE-2020-28035 Note that Nessus relies on the presence of the package as reported by the...
Fedora: Security Advisory for wordpress (FEDORA-2020-b386fac43a)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] [DSA 4784-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4784-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 06, 2020 https://www.debian.org/security/faq -...
Debian DLA-2429-1 : wordpress security update
There were several vulnerabilites reported against wordpress, as follows : CVE-2020-28032 WordPress before 4.7.19 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php. CVE-2020-28033 WordPress before 4.7.19 mishandles embeds from disabled sites on a multisite...
Debian: Security Advisory (DLA-2429-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress < 5.5.2 Multiple Vulnerabilities
According to its self-reported version number, the installation of WordPress installed on the remote host is affected by multiple vulnerabilities: - A deserialization vulnerability exists in wp-includes/Requests/Utility/FilteredIterator.php. An unauthenticated, remote attacker can exploit this, b...
[SECURITY] [DLA 2429-1] wordpress security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2429-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 03, 2020 https://wiki.debian.org/LTS -...
CVE-2020-28035
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC...
CVE-2020-28035
CVE-2020-28035 affects WordPress up to version 5.5.2, where an XML‑RPC based flaw allows an attacker to escalate privileges. The issue is publicly documented in CVE-2020-28035 with a high launcher in the CVSS context (network, low attack complexity, no authentication). The connected records corro...
CVE-2020-28035
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC...