Lucene search
Veracode Vulnerability DatabaseVERACODE:5221HistoryOct 04, 2017 - 1:52 a.m.
Privilege Escalation
2017-10-0401:52:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
42.0%
WordPress is susceptible to privilege escalation attacks. The vulnerability exists due to storing wp_signups.activation_key values as plaintext in the database. It allows an attacker to hijack an unactivated user account if unauthorized database read access is gained through another attack.
Related
osv
osv
CVE-2017-14990
2017-10-03 01:29:03
wordpress - security update
2017-10-10 00:00:00
debian
debian
[SECURITY] [DLA 1151-2] wordpress regression update
2017-11-12 22:15:49
[SECURITY] [DLA 1151-1] wordpress security update
2017-10-31 15:22:01
[SECURITY] [DSA 3997-1] wordpress security update
2017-10-11 11:51:21
packetstorm
packetstorm
WordPress 4.8.2 Activation Key Failed Expiry
2017-10-06 00:00:00
cvelist
cvelist
CVE-2017-14990
2017-10-02 17:00:00
nvd
nvd
CVE-2017-14990
2017-10-03 01:29:03
cve
cve
CVE-2017-14990
2017-10-03 01:29:03
nessus
nessus
Debian DLA-1151-2 : wordpress regression update
2017-11-01 00:00:00
Debian DSA-3997-1 : wordpress - security update
2017-10-12 00:00:00
zdt
zdt
WordPress 4.8.2 Activation Key Failed Expiry Vulnerability
2017-10-08 00:00:00
prion
prion
Sql injection
2017-10-03 01:29:00
debiancve
debiancve
CVE-2017-14990
2017-10-03 01:29:03
ubuntucve
ubuntucve
CVE-2017-14990
2017-10-03 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1151-1)
2018-02-06 00:00:00
Debian: Security Advisory (DSA-3997-1)
2017-10-09 00:00:00