7 matches found
Debian: Security Advisory (DLA-2269-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2269-1] wordpress security update
Package : wordpress Version : 4.1.31+dfsg-0+deb8u1 CVE ID : CVE-2020-4046 CVE-2020-4047 CVE-2020-4048 CVE-2020-4049 CVE-2020-4050 Debian Bug : 962685 Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting XS...
[SECURITY] [DSA 4709-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4709-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 23, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4709-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4709-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 23, 2020 https://www.debian.org/security/faq -...
CVE-2020-4049
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...
CVE-2020-4049
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version...
CVE-2020-4049
CVE-2020-4049 affects WordPress: when uploading a theme, an attacker who has admin privileges can craft the theme folder name to trigger JavaScript execution in /wp-admin on the themes page. It is described as a low-severity self-XSS requiring admin interaction. A patch is available in WordPress ...