9 matches found
Fedora: Security Advisory for wordpress (FEDORA-2022-8472dd59ff)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for wordpress (FEDORA-2022-e37e1e6c7a)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
WordPress 5.8.2 Stored XSS Vulnerability
WordPress is the world’s most popular content management system that, according to w3techs, is used by over 40% of all websites. This wide adoption makes it a top target for cyber criminals who seek to compromise high-traffic websites or infect as many web servers as possible. Its code is heavily...
Debian DSA-5039-1 : wordpress - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5039 advisory. Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries,...
WordPress fixes multiple security vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. WordPress development team has released the security update to patch the following four vulnerabilities out of which three of them have high severity. CVE-2022-21661: A vulnerability exists in WPQuery class which is caused...
WordPress 5.8.3 Security Release
On January 6, 2022, the WordPress core team released WordPress version 5.8.3, which contains security patches for 4 high-severity vulnerabilities. These patches were backported to every version of WordPress since 3.7. WordPress has supported automatic core updates for security releases since...
CVE-2022-21662 Stored XSS in WordPress
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users like author in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched...
CVE-2022-21662
CVE-2022-21662 affects WordPress core; vulnerability allows low-privileged authenticated users (e.g., authors) to execute JavaScript via stored XSS, potentially impacting high-privilege users. It has been patched in WordPress 5.8.3, with older affected versions fixed via security releases back to...
WordPress 5.8 < 5.8.3 / 5.7 < 5.7.5 / 5.6 < 5.6.7 / 5.5 < 5.5.8 / 5.4 < 5.4.9 / 5.3 < 5.3.11 / 5.2 < 5.2.14 / 5.1 < 5.1.12 / 5.0 < 5.0.15 / 4.9 < 4.9.19 / 4.8 < 4.8.18 / 4.7 < 4.7.22 / 4.6 < 4.6.22 / 4.5 < 4.5.25 / 4.4 < 4.4.26 / 4.3 < 4.3.27 / 4.2 < 4.2.31 / 4.1 < 4.1.34 / 4.0 < 4.0.34 / 3.9 < 3.9.35 / 3.8 < 3.8.37 / 3.7 < 3.7.37
WordPress versions 5.8 5.8.3 / 5.7 5.7.5 / 5.6 5.6.7 / 5.5 5.5.8 / 5.4 5.4.9 / 5.3 5.3.11 / 5.2 5.2.14 / 5.1 5.1.12 / 5.0 5.0.15 / 4.9 4.9.19 / 4.8 4.8.18 / 4.7 4.7.22 / 4.6 4.6.22 / 4.5 4.5.25 / 4.4 4.4.26 / 4.3 4.3.27 / 4.2 4.2.31 / 4.1 4.1.34 / 4.0 4.0.34 / 3.9 3.9.35 / 3.8 3.8.37 / 3.7 3.7.37...