29 matches found
EUVD-2016-10074
Malware in sbrugna...
WordPress < 4.9 Multiple Vulnerabilities
WordPress is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
WordPress 3.7.x < 3.7.23 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.0.x < 4.0.20 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.2.x < 4.2.17 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.4.x < 4.4.12 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.8.x < 4.8.3 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 3.9.x < 3.9.21 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.3.x < 4.3.13 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 3.8.x < 3.8.23 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.5.x < 4.5.11 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
WordPress 4.1.x < 4.1.20 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. - When domain-based...
vyhlidka-cafe.cz XSS vulnerability
Open Bug Bounty ID: OBB-429571 Description| Value ---|--- Affected Website:| vyhlidka-cafe.cz Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
WordPress < 4.8.3 Multiple Vulnerabilities
According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.8.3. It is, therefore, affected by a SQL Injection vulnerability and other vulnerabilities: - WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which mak...
Cross-domain Flash Injection (XSF)
WordPress is vulnerable to cross-domain flash injection XSF attacks. The attack can be triggered via the code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file. The vulnerability is possible only when domain-based flashmediaelement.swf sandboxing is not used...
CVE-2016-9263
WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection XSF attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file...
CVE-2016-9263
WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection XSF attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file...
Cross site scripting
WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection XSF attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file...
CVE-2016-9263
CVE-2016-9263 affects WordPress; the issue arises when domain-based flashmediaelement.swf sandboxing is not used, enabling remote cross-domain Flash injection (XSF) via code in wp-includes/js/mediaelement/flashmediaelement.swf. Connected documents confirm WordPress-related vulnerabilities of this...
CVE-2016-9263
WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection XSF attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file...