UBUNTU-CVE-2017-14723

Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb-prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks...

CVE-2017-14723

Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb-prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks...

CVE-2017-14725

Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php...

CVE-2017-14720

Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name...

CVE-2017-14719

Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components...

CVE-2017-14726

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor...

EUVD-2017-6220

Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb-prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks...

CVE-2017-14726

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

wordpress -- multiple issues

wordpress developers report: Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL. Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name. Before versi...

WordPress Releases Security Update

WordPress versions prior to 4.8.2 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 4.8.2. Th...

WordPress Email Users 4.8.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Email Users WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

DEBIAN-CVE-2013-1874

Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory...