14 matches found
EUVD-2021-1189
Malware in sbrugna...
OPENSUSE-SU-2024:11514-1 wp-cli-2.5.0-1.2 on GA media
These are all security issues fixed in the wp-cli-2.5.0-1.2 package on the GA media of openSUSE Tumbleweed...
MStore API < 3.9.9 - Unauthenticated Privilege Escalation
The plugin does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features. 1 Simulate the site has a valid Pro API key by running the following in WP CLI...
WordPress WP-CLI Trust Management Issue Vulnerability
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language.WP-CLI is the command line interface for WordPress. WordPress WP-CLI has a trust management issue vulnerability that can be exploited by remote attackers to be able to intercept communications...
CVE-2021-29504
WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...
CVE-2021-29504
WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...
Hardcoded credentials
WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...
CVE-2021-29504 Improper Certificate Validation in WP-CLI framework
WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...
CVE-2021-29504
WP-CLI (WordPress CLI) vulnerability CVE-2021-29504 arises from improper error handling in HTTPS requests in WP_CLI\Utils\http_request(). On TLS handshake errors, the older default disabled certificate validation, allowing a remote attacker to intercept traffic, impersonate update servers, and pu...
Insecure Certificate Validation
wp-cli/wp-cli uses insecure certificate validation. The vulnerability exists due to an improper error handling in HTTPS requests management...
GHSA-RWGM-F83R-V3QJ Improper Certificate Validation in WP-CLI framework
Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...
Improper Certificate Validation in WP-CLI framework
Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...
Improper Certificate Validation in WP-CLI framework
Description Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including...
Improper Certificate Validation in WP-CLI framework
Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...