Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61021
HistorySep 16, 2013 - 12:00 a.m.

WordPress /wp-admin/includes/post.php user_ID 参数操作权限提升漏洞

2013-09-1600:00:00
Root
www.seebug.org
27

0.003 Low

EPSS

Percentile

65.4%

JSON

Bugtraq ID:62346
CVE ID:CVE-2013-4340

WordPress是一种使用PHP语言开发的博客平台,用户可以在支持PHP和MySQL数据库的服务器上架设自己的网志

WordPress wp-admin/includes/post.php脚本在处理’user_ID’参数时存在一个安全漏洞,允许远程攻击者利用漏洞提供修改过的user_ID参数伪造任意帖子的作者
0
WordPress 3.6
厂商解决方案

WordPress 3.6.1已经修改该漏洞,建议用户下载更新:
http://codex.wordpress.org/Version_3.6.1
http://wordpress.org/news/2013/09/wordpress-3-6-1/

Related

wpvulndb 1
veracode 1
prion 1
patchstack 1
cvelist 1
cve 1
debiancve 1
ubuntucve 1
nessus 8
fedora 6
openvas 11
osv 1
freebsd 1
mageia 1
debian 1
securityvulns 2
wpvulndb
wpvulndb
WordPress 3.6 - Post Authorship Spoofing
2014-08-01 00:00:00
veracode
veracode
Privilege Escalation
2017-08-04 07:28:46
prion
prion
Code injection
2013-09-12 13:30:00
patchstack
patchstack
WordPress <= 3.6.0 - Privilege Escalation
2013-09-09 00:00:00
cvelist
cvelist
CVE-2013-4340
2013-09-12 10:00:00
cve
cve
CVE-2013-4340
2013-09-12 13:30:00
debiancve
debiancve
CVE-2013-4340
2013-09-12 13:30:00
ubuntucve
ubuntucve
CVE-2013-4340
2013-09-12 00:00:00
nessus
nessus
Fedora 18 : wordpress-3.6.1-1.fc18 (2013-16895)
2013-09-27 00:00:00
Fedora 19 : wordpress-3.6.1-1.fc19 (2013-16925)
2013-09-27 00:00:00
Fedora 20 : wordpress-3.6.1-1.fc20 (2013-16855)
2013-09-27 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: wordpress-3.6.1-1.fc20
2013-09-26 06:04:23
[SECURITY] Fedora 19 Update: wordpress-3.6.1-1.fc19
2013-09-26 06:04:43
[SECURITY] Fedora 19 Update: wordpress-3.8.3-1.fc19
2014-04-24 07:28:27
openvas
openvas
Debian Security Advisory DSA 2757-1 (wordpress - several vulnerabilities)
2013-09-14 00:00:00
Debian: Security Advisory (DSA-2757-1)
2013-09-13 00:00:00
Mageia: Security Advisory (MGASA-2013-0285)
2022-01-28 00:00:00
osv
osv
wordpress - several
2013-09-14 00:00:00
freebsd
freebsd
wordpress -- multiple vulnerabilities
2013-09-11 00:00:00
mageia
mageia
Updated wordpress and php-phpmailer packages fix security vulnerabilities
2013-09-19 13:45:04
debian
debian
[SECURITY] [DSA 2757-1] wordpress security update
2013-09-14 09:15:12
securityvulns
securityvulns
[ MDVSA-2013:239 ] wordpress
2013-10-02 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2013-10-02 00:00:00

0.003 Low

EPSS

Percentile

65.4%

JSON
Related for SSV:61021
wpvulndb1veracode1prion1patchstack1cvelist1cve1debiancve1ubuntucve1nessus8fedora6openvas11osv1freebsd1mageia1debian1securityvulns2