2 matches found
wordpress: multiple issues
CVE-2015-5714 cross-side scripting A cross-site scripting vulnerability has been discovered when processing shortcode tags. - CVE-2015-5715 insufficient permission restriction A vulnerability has been discovered, allowing users without proper permissions to publish private posts and make them...
Debian Security Advisory DSA 3375-1 (wordpress - security update)
Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-5714 A cross-site scripting vulnerability when processing shortcode tags has been discovered. The issue has been fixed by not allowing unclosed HTML elements in attributes. CVE-2015-5715 A vulnerability ha...