Lucene search
Ryan DewhurstWPVDB-ID:D741F5AE-52CA-417D-A2CA-ACDFB7CA5808HistoryDec 13, 2018 - 12:00 a.m.
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
2018-12-1300:00:00
Ryan Dewhurst
wpscan.com
20
0.001 Low
EPSS
Percentile
41.0%
According to WordPress: “Tim Coen and Slavco discovered that authors on Apache-hosted sites could upload specifically crafted files that bypass MIME verification, leading to a cross-site scripting vulnerability.”
Related
veracode
veracode
Cross-site Scripting (XSS)
2018-12-17 04:58:38
ubuntucve
ubuntucve
CVE-2018-20149
2018-12-14 00:00:00
cvelist
cvelist
CVE-2018-20149
2018-12-14 20:00:00
nvd
nvd
CVE-2018-20149
2018-12-14 20:29:00
osv
osv
CVE-2018-20149
2018-12-14 20:29:00
wordpress - security update
2019-02-11 00:00:00
wordpress - security update
2019-03-01 00:00:00
cve
cve
CVE-2018-20149
2018-12-14 20:29:00
debiancve
debiancve
CVE-2018-20149
2018-12-14 20:29:00
prion
prion
Type confusion
2018-12-14 20:29:00
openvas
openvas
WordPress Multiple Vulnerabilities (Dec 2018) - Linux
2018-12-17 00:00:00
Debian: Security Advisory (DLA-1673-1)
2019-02-11 00:00:00
WordPress Multiple Vulnerabilities (Dec 2018) - Windows
2018-12-17 00:00:00
nessus
nessus
Debian DLA-1673-1 : wordpress security update
2019-02-12 00:00:00
WordPress < 4.9.9 / 5.x < 5.0.1 Multiple Vulnerabilities
2018-12-13 00:00:00
Debian DSA-4401-1 : wordpress - security update
2019-03-04 00:00:00
debian
debian
[SECURITY] [DLA 1673-1] wordpress security update
2019-02-11 23:24:13
[SECURITY] [DSA 4401-1] wordpress security update
2019-03-01 07:03:31
[SECURITY] [DSA 4401-1] wordpress security update
2019-03-01 07:03:31