Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2012-5868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress 3.4.2 does not invalidate a wordpresssec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover...

2.6CVSS5.8AI score0.00649EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2013/04/20 12:0 a.m.13 views

Mandriva Linux Security Advisory : wordpress (MDVSA-2013:137)

This update provides WordPress 3.4.2, a maintenance and security release. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux Security Advisory MDVSA-2013:137. The text itself is copyright C Mandriva S.A...

5.4AI score
Exploits0References2
OSV
OSVadded 2012/12/27 11:47 a.m.1 views

DEBIAN-CVE-2012-5868

WordPress 3.4.2 does not invalidate a wordpresssec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack, or modify data via a replay attack...

2.6CVSS6.8AI score0.00649EPSS
Exploits1References1
OSV
OSVadded 2012/12/27 11:47 a.m.1 views

UBUNTU-CVE-2012-5868

WordPress 3.4.2 does not invalidate a wordpresssec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack, or modify data via a replay attack...

2.6CVSS5.8AI score0.00649EPSS
Exploits1References3
OSV
OSVadded 2012/09/28 9:55 p.m.0 views

UBUNTU-CVE-2012-4448

Cross-site request forgery CSRF vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via a dashboardincominglinks edit action...

6.8CVSS5.8AI score0.00153EPSS
Exploits1References4
Cvelist
Cvelistadded 2012/09/28 9:0 p.m.19 views

CVE-2012-4448

Cross-site request forgery CSRF vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via a dashboardincominglinks edit action...

6.9AI score0.00153EPSS
Exploits1References5
Packet Storm
Packet Stormadded 2012/09/22 12:0 a.m.24 views

WordPress 3.4.2 Cross Site Request Forgery

============================================================ Vulnerable Software: WordPress Version 3.4.2 Downloaded from: http://wordpress.org/latest.zip MD5SUM: d670508d81e2fd060c2041441bc03300 wordpress-3.4.2.zip =========================================================== Tested: php.ini...

0.6AI score
Exploits0
CVE
CVEadded 2012/09/14 7:0 p.m.56 views

CVE-2012-4422

CVE-2012-4422 affects WordPress prior to 3.4.2 with multisite enabled. The vulnerability arises when network-wide activation of plugins is performed without verifying network-administrator privileges, potentially allowing remote authenticated users to make unintended plugin changes by abusing the...

3.5CVSS6.1AI score0.0024EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder