FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  318877
Date:      2013-05-23
Time:      15:30:07Z
Committer: flo

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
559e00b7-6a4d-11e2-b6b0-10bf48230856	wordpress -- multiple vulnerabilities Wordpress reports: WordPress 3.5.1 also addresses the following security issues: A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We'd like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work. Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team. A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue. Discovery 2013-01-24 Entry 2013-01-29 wordpress lt 3.5.1,1 zh-wordpress-zh_CN zh-wordpress-zh_TW de-wordpress ja-wordpress ru-wordpress lt 3.5.1 CVE-2013-0235 CVE-2013-0236 CVE-2013-0237

VuXML ID

Description

559e00b7-6a4d-11e2-b6b0-10bf48230856

wordpress -- multiple vulnerabilities

Wordpress reports:

WordPress 3.5.1 also addresses the following security issues:

A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We'd like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work.

Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team.

A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue.

Discovery 2013-01-24
Entry 2013-01-29
wordpress

lt 3.5.1,1

zh-wordpress-zh_CN
zh-wordpress-zh_TW
de-wordpress
ja-wordpress
ru-wordpress

lt 3.5.1

CVE-2013-0235
CVE-2013-0236
CVE-2013-0237