Debian DLA-568-1 : wordpress security update (httpoxy)

Several vulnerabilities were discovered in wordpress, a web blogging tool. The Common Vulnerabilities and Exposures project identifies the following issues. CVE-2016-5387 WordPress allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via...

CVE-2016-5839

WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors...

CVE-2016-5839

WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors...

FreeBSD : wordpress -- multiple vulnerabilities (bfcc23b6-3b27-11e6-8e82-002590263bf5)

Adam Silverstein reports : WordPress 4.5.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.5.2 and earlier are affected by several security issues: redirect bypass in the customizer, report...

WordPress <= 4.5.2 - BYPASS #1

WordPress before 4.5.3 allows remote attackers to bypass the sanitizefilename protection mechanism via unspecified vectors. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-1 http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-2...