VuXML ID | Description |
8a9f86de-d080-11e9-9051-4c72b94353b5 | wordpress -- multiple issues
wordpress developers reports:
Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues.
The first, a cross-site scripting (XSS) vulnerability found in post previews by contributors.
The second was a cross-site scripting vulnerability in stored comments.
Props to Tim Coen for disclosing an issue where validation and sanitization
of a URL could lead to an open redirect.
Props to Anshul Jain for disclosing reflected cross-site scripting during media uploads.
Props to Zhouyuan Yang of Fortinets FortiGuard Labs who disclosed a vulnerability
for cross-site scripting (XSS) in shortcode previews.
Props to Ian Dunn of the Core Security Team for finding and disclosing a case where
reflected cross-site scripting could be found in the dashboard.
Props to Soroush Dalilifrom NCC Group for disclosing an issue with URL
sanitization that can lead to cross-site scripting (XSS) attacks.
In addition to the above changes, we are also updating jQuery on older versions of WordPress.
This change was added in 5.2.1 and is now being brought to older versions.
Discovery 2019-09-05 Entry 2019-09-06 wordpress
fr-wordpress
< 5.2.3,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 5.2.3
https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
|
ac5ec8e3-3c6c-11e5-b921-00a0986f28c4 | wordpress -- Multiple vulnerability
Gary Pendergast reports:
WordPress 4.2.4 fixes three cross-site scripting vulnerabilities
and a potential SQL injection that could be used to compromise a
site.
Discovery 2015-08-04 Entry 2015-08-06 Modified 2015-09-15 wordpress
< 4.2.4,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.2.4
https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/
CVE-2015-2213
CVE-2015-5730
CVE-2015-5731
CVE-2015-5732
CVE-2015-5733
CVE-2015-5734
|
f4ce64c2-5bd4-11e5-9040-3c970e169bc2 | wordpress -- multiple vulnerabilities
Samuel Sidler reports:
WordPress 4.3.1 is now available. This is a security
release for all previous versions and we strongly
encourage you to update your sites immediately.
- WordPress versions 4.3 and earlier are vulnerable
to a cross-site scripting vulnerability when processing
shortcode tags (CVE-2015-5714). Reported by Shahar Tal
and Netanel Rubin of Check Point.
- A separate cross-site scripting vulnerability was found
in the user list table. Reported by Ben Bidner of the
WordPress security team.
- Finally, in certain cases, users without proper
permissions could publish private posts and make
them sticky (CVE-2015-5715). Reported by Shahar Tal
and Netanel Rubin of Check Point.
Discovery 2015-09-15 Entry 2015-09-15 Modified 2015-10-29 wordpress
< 4.3.1,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.3.1
CVE-2015-5714
CVE-2015-5715
CVE-2015-7989
http://www.openwall.com/lists/oss-security/2015/10/28/1
https://wordpress.org/news/2015/09/wordpress-4-3-1/
|
c80b27a2-3165-11e5-8a1d-14dae9d210b8 | wordpress -- XSS vulnerability
Gary Pendergast reports:
WordPress versions 4.2.2 and earlier are affected by a
cross-site scripting vulnerability, which could allow users with the
Contributor or Author role to compromise a site. This was reported by
Jon Cave and fixed by Robert Chapin, both of the WordPress security
team.
Discovery 2015-07-23 Entry 2015-07-23 Modified 2015-09-15 wordpress
< 4.2.3,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.2.3
https://wordpress.org/news/2015/07/wordpress-4-2-3/
CVE-2015-5622
CVE-2015-5623
|
fb754341-c3e2-11e5-b5fe-002590263bf5 | wordpress -- XSS vulnerability
Aaron Jorbin reports:
WordPress 4.4.1 is now available. This is a security release for
all previous versions and we strongly encourage you to update your
sites immediately.
WordPress versions 4.4 and earlier are affected by a cross-site
scripting vulnerability that could allow a site to be compromised.
This was reported by Crtc4L.
Discovery 2016-01-06 Entry 2016-01-26 Modified 2016-03-08 wordpress
< 4.4.1,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.4.1
CVE-2016-1564
http://www.openwall.com/lists/oss-security/2016/01/08/3
https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
|
fef03980-e4c6-11e5-b2bd-002590263bf5 | wordpress -- multiple vulnerabilities
Samuel Sidler reports:
WordPress 4.4.2 is now available. This is a security release for
all previous versions and we strongly encourage you to update your
sites immediately.
WordPress versions 4.4.1 and earlier are affected by two security
issues: a possible SSRF for certain local URIs, reported by Ronni
Skansing; and an open redirection attack, reported by Shailesh
Suthar.
Discovery 2016-02-02 Entry 2016-03-08 wordpress
< 4.4.2,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.4.2
CVE-2016-2221
CVE-2016-2222
http://www.openwall.com/lists/oss-security/2016/02/04/6
https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
|
d86890da-f498-11e4-99aa-bcaec565249c | wordpress -- 2 cross-site scripting vulnerabilities
Samuel Sidler reports:
The Genericons icon font package, which is used in a number of
popular themes and plugins, contained an HTML file vulnerable to
a cross-site scripting attack. All affected themes and plugins
hosted on WordPress.org (including the Twenty Fifteen default
theme) have been updated today by the WordPress security team
to address this issue by removing this nonessential file. To
help protect other Genericons usage, WordPress 4.2.2
proactively scans the wp-content directory for this HTML
file and removes it. Reported by Robert Abela of Netsparker.
WordPress versions 4.2 and earlier are affected by a critical
cross-site scripting vulnerability, which could enable anonymous
users to compromise a site. WordPress 4.2.2 includes a
comprehensive fix for this issue.
The release also includes hardening for a potential cross-site
scripting vulnerability when using the visual editor. This issue
was reported by Mahadev Subedi.
Discovery 2015-05-07 Entry 2015-05-07 Modified 2015-09-15 wordpress
< 4.2.2,1
de-wordpress
< 4.2.2
ja-wordpress
< 4.2.2
ru-wordpress
< 4.2.2
zh-wordpress-zh_CN
< 4.2.2
zh-wordpress-zh_TW
< 4.2.2
https://wordpress.org/news/2015/05/wordpress-4-2-2/
|
459df1ba-051c-11ea-9673-4c72b94353b5 | wordpress -- multiple issues
wordpress developers reports:
Props to Evan Ricafort for finding an issue where stored XSS (cross-site scripting)
could be added via the Customizer.
rops to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts.
Props to Weston Ruter for finding a way to create a stored XSS to inject Javascript
into style tags.
rops to David Newman for highlighting a method to poison the cache of JSON GET requests
via the Vary: Origin header.
Props to Eugene Kolodenker who found a server-side request forgery in the way that URLs
are validated.
Props to Ben Bidner of the WordPress Security Team who discovered issues related to
referrer validation in the admin.
Discovery 2019-10-14 Entry 2019-11-12 wordpress
fr-wordpress
< 5.2.4,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 5.2.4
https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
|
3686917b-164d-11e6-94fa-002590263bf5 | wordpress -- multiple vulnerabilities
Helen Hou-Sandi reports:
WordPress 4.5.2 is now available. This is a security release for
all previous versions and we strongly encourage you to update your
sites immediately.
WordPress versions 4.5.1 and earlier are affected by a SOME
vulnerability through Plupload, the third-party library WordPress
uses for uploading files. WordPress versions 4.2 through 4.5.1 are
vulnerable to reflected XSS using specially crafted URIs through
MediaElement.js, the third-party library used for media players.
MediaElement.js and Plupload have also released updates fixing
these issues.
Discovery 2016-05-06 Entry 2016-05-10 wordpress
< 4.5.2,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.5.2
CVE-2016-4566
CVE-2016-4567
https://wordpress.org/news/2016/05/wordpress-4-5-2/
http://www.openwall.com/lists/oss-security/2016/05/07/7
|
ba4f9b19-ed9d-11e4-9118-bcaec565249c | wordpress -- cross-site scripting vulnerability
Gary Pendergast reports:
WordPress 4.2.1 is now available. This is a critical security
release for all previous versions and we strongly encourage you
to update your sites immediately.
A few hours ago, the WordPress team was made aware of a
cross-site scripting vulnerability, which could enable commenters
to compromise a site. The vulnerability was discovered by Jouko
Pynnöne.
Discovery 2015-04-27 Entry 2015-05-07 Modified 2015-09-15 wordpress
< 4.2.1,1
de-wordpress
< 4.2.1
ja-wordpress
< 4.2.1
ru-wordpress
< 4.2.1
zh-wordpress-zh_CN
< 4.2.1
zh-wordpress-zh_TW
< 4.2.1
https://wordpress.org/news/2015/04/wordpress-4-2-1/
|
bfcc23b6-3b27-11e6-8e82-002590263bf5 | wordpress -- multiple vulnerabilities
Adam Silverstein reports:
WordPress 4.5.3 is now available. This is a security release for
all previous versions and we strongly encourage you to update your
sites immediately.
WordPress versions 4.5.2 and earlier are affected by several
security issues: redirect bypass in the customizer, reported by
Yassine Aboukir; two different XSS problems via attachment names,
reported by Jouko Pynnönenand Divyesh Prajapati; revision history
information disclosure, reported independently by John Blackbourn
from the WordPress security team and by Dan Moen from the Wordfence
Research Team; oEmbed denial of service reported by Jennifer Dodd
from Automattic; unauthorized category removal from a post, reported
by David Herrera from Alley Interactive; password change via stolen
cookie, reported by Michael Adams from the WordPress security team;
and some less secure sanitize_file_name edge cases reported by Peter
Westwood of the WordPress security team.
Discovery 2016-06-18 Entry 2016-06-25 wordpress
< 4.5.3,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.5.3
CVE-2016-5832
CVE-2016-5833
CVE-2016-5834
CVE-2016-5835
CVE-2016-5836
CVE-2016-5837
CVE-2016-5838
CVE-2016-5839
ports/210480
ports/210581
https://wordpress.org/news/2016/06/wordpress-4-5-3/
http://www.openwall.com/lists/oss-security/2016/06/23/9
|
54e50cd9-c1a8-11e6-ae1b-002590263bf5 | wordpress -- multiple vulnerabilities
Jeremy Felt reports:
WordPress versions 4.6 and earlier are affected by two security
issues: a cross-site scripting vulnerability via image filename,
reported by SumOfPwn researcher Cengiz Han Sahin; and a path
traversal vulnerability in the upgrade package uploader, reported
by Dominik Schilling from the WordPress security team.
Discovery 2016-09-07 Entry 2016-12-14 wordpress
< 4.6.1,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.6.1
https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
|
4b98613c-0078-11e9-b05b-00e04c1ea73d | wordpress -- multiple issues
wordpress developers reports:
WordPress versions 5.0 and earlier are affected by the following bugs, which are
fixed in version 5.0.1. Updated versions of WordPress 4.9 and older releases are
also available, for users who have not yet updated to 5.0.
Karim El Ouerghemmi discovered that authors could alter meta data to delete files
that they werenât authorized to.
Simon Scannell of RIPS Technologies discovered that authors could create posts of
unauthorized post types with specially crafted input.
Sam Thomas discovered that contributors could craft meta data in a way that resulted
in PHP object injection.
Tim Coen discovered that contributors could edit new comments from higher-privileged
users, potentially leading to a cross-site scripting vulnerability.
Tim Coen also discovered that specially crafted URL inputs could lead to a cross-site
scripting vulnerability in some circumstances. WordPress itself was not affected,
but plugins could be in some situations.
Team Yoast discovered that the user activation screen could be indexed by search
engines in some uncommon configurations, leading to exposure of email addresses,
and in some rare cases, default generated passwords.
Tim Coen and Slavco discovered that authors on Apache-hosted sites could upload
specifically crafted files that bypass MIME verification, leading to a cross-site
scripting vulnerability.
Discovery 2018-12-13 Entry 2018-12-15 wordpress
fr-wordpress
< 5.0.1,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 5.0.1
https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
|
5e135178-8aeb-11e4-801f-0022156e8794 | wordpress -- multiple vulnerabilities
MITRE reports:
wp-login.php in WordPress before 3.7.5, 3.8.x before
3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow
remote attackers to reset passwords by leveraging access to
an e-mail account that received a password-reset message.
wp-includes/http.php in WordPress before 3.7.5, 3.8.x
before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1
allows remote attackers to conduct server-side request
forgery (SSRF) attacks by referring to a 127.0.0.0/8
resource.
WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before
3.9.3, and 4.x before 4.0.1 might allow remote attackers to
obtain access to an account idle since 2008 by leveraging an
improper PHP dynamic type comparison for an MD5 hash.
Cross-site scripting (XSS) vulnerability in WordPress
before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and
4.x before 4.0.1 allows remote attackers to inject arbitrary
web script or HTML via a crafted Cascading Style Sheets
(CSS) token sequence in a post.
Cross-site scripting (XSS) vulnerability in Press This in
WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before
3.9.3, and 4.x before 4.0.1 allows remote attackers to
inject arbitrary web script or HTML via unspecified
vectors
wp-includes/class-phpass.php in WordPress before 3.7.5,
3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1
allows remote attackers to cause a denial of service (CPU
consumption) via a long password that is improperly handled
during hashing, a similar issue to CVE-2014-9016.
Cross-site request forgery (CSRF) vulnerability in
wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0
allows remote attackers to hijack the authentication of
arbitrary users for requests that reset passwords.
Discovery 2014-11-25 Entry 2015-01-05 wordpress
< 3.7.5,1
>= 3.8,1 lt 3.8.5,1
>= 3.9,1 lt 3.9.3,1
>= 4.0,1 lt 4.0.1,1
zh-wordpress
< 3.7.5
>= 3.8 lt 3.8.5
>= 3.9 lt 3.9.3
>= 4.0 lt 4.0.1
de-wordpress
< 3.7.5
>= 3.8 lt 3.8.5
>= 3.9 lt 3.9.3
>= 4.0 lt 4.0.1
ja-wordpress
< 3.7.5
>= 3.8 lt 3.8.5
>= 3.9 lt 3.9.3
>= 4.0 lt 4.0.1
ru-wordpress
< 3.7.5
>= 3.8 lt 3.8.5
>= 3.9 lt 3.9.3
>= 4.0 lt 4.0.1
CVE-2014-9033
CVE-2014-9034
CVE-2014-9035
CVE-2014-9036
CVE-2014-9037
CVE-2014-9038
CVE-2014-9039
|
b180d1fb-dac6-11e6-ae1b-002590263bf5 | wordpress -- multiple vulnerabilities
Aaron D. Campbell reports:
WordPress versions 4.7 and earlier are affected by eight security
issues...
Discovery 2017-01-11 Entry 2017-01-15 wordpress
< 4.7.1,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.7.1
CVE-2017-5487
CVE-2017-5488
CVE-2017-5489
CVE-2017-5490
CVE-2017-5491
CVE-2017-5492
CVE-2017-5493
http://www.openwall.com/lists/oss-security/2017/01/14/6
https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
|
14ea4458-e5cd-11e6-b56d-38d547003487 | wordpress -- multiple vulnerabilities
Aaron D. Campbell reports:
WordPress versions 4.7.1 and earlier are affected by three security
issues:
- The user interface for assigning taxonomy terms in Press This is
shown to users who do not have permissions to use it.
- WP_Query is vulnerable to a SQL injection (SQLi) when passing
unsafe data. WordPress core is not directly vulnerable to this
issue, but weâve added hardening to prevent plugins and
themes from accidentally causing a vulnerability.
- A cross-site scripting (XSS) vulnerability was discovered in the
posts list table.
- An unauthenticated privilege escalation vulnerability was
discovered in a REST API endpoint.
Discovery 2017-01-26 Entry 2017-01-29 wordpress
< 4.7.2,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.7.2
CVE-2017-5610
CVE-2017-5611
CVE-2017-5612
http://www.openwall.com/lists/oss-security/2017/01/28/5
https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
|
82752070-0349-11e7-b48d-00e04c1ea73d | wordpress -- multiple vulnerabilities
WordPress versions 4.7.2 and earlier are affected by six security issues.
- Cross-site scripting (XSS) via media file metadata.
- Control characters can trick redirect URL validation.
- Unintended files can be deleted by administrators using the
plugin deletion functionality.
- Cross-site scripting (XSS) via video URL in YouTube embeds.
- Cross-site scripting (XSS) via taxonomy term names.
- Cross-site request forgery (CSRF) in Press This leading to
excessive use of server resources.
Discovery 2017-03-07 Entry 2017-03-07 wordpress
< 4.7.3,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.7.3
http://www.openwall.com/lists/oss-security/2017/03/07/3
https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
|
7b97b32e-27c4-11ea-9673-4c72b94353b5 | wordpress -- multiple issues
wordpress developers reports:
Four security issues affect WordPress versions 5.3 and earlier; version 5.3.1 fixes them, so youll want to upgrade.
If you havent yet updated to 5.3, there are also updated versions of 5.2 and earlier that fix the security issues.
-Props to Daniel Bachhuber for finding an issue where an unprivileged user could make a post sticky via the REST API.
-Props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where cross-site scripting (XSS)
could be stored in well-crafted links.
-Props to the WordPress.org Security Team for hardening wp_kses_bad_protocol() to ensure that it is aware of the named
colon attribute.
-Props to Nguyen The Duc for discovering a stored XSS vulnerability using block editor content.
Discovery 2019-12-13 Entry 2019-12-26 wordpress
fr-wordpress
< 5.3.1,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 5.3.1
https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
|
a5bb7ea0-3e58-11e7-94a2-00e04c1ea73d | Wordpress -- multiple vulnerabilities
WordPress versions 4.7.4 and earlier are affected by six security issues
- Insufficient redirect validation in the HTTP class.
- Improper handling of post meta data values in the XML-RPC API.
- Lack of capability checks for post meta data in the XML-RPC API.
- A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog.
- A cross-site scripting (XSS) vulnerability was discovered related to the Customizer.
Discovery 2017-05-16 Entry 2017-05-21 wordpress
fr-wordpress
< 4.7.5,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.7.5
https://wordpress.org/news/2017/05/wordpress-4-7-5/
|
cee3d12f-bf41-11e7-bced-00e04c1ea73d | wordpress -- multiple issues
wordpress developers reports:
WordPress versions 4.8.2 and earlier are affected by an issue
where $wpdb->prepare() can create unexpected and unsafe queries
leading to potential SQL injection (SQLi). WordPress core is not
directly vulnerable to this issue, but we've added hardening to
prevent plugins and themes from accidentally causing a vulnerability.
Discovery 2017-10-31 Entry 2017-11-01 wordpress
< 4.8.3,1
https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
|
15ee0e93-4bbb-11e9-9ba0-4c72b94353b5 | wordpress -- multiple issues
wordpress developers reports:
Hosts can now offer a button for their users to update PHP.
The recommended PHP version used by the Update PHP notice can now be filtered.
Discovery 2019-03-12 Entry 2019-03-21 wordpress
fr-wordpress
< 5.1.1,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 5.1.1
https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
|
a2589511-d6ba-11e7-88dd-00e04c1ea73d | wordpress -- multiple issues
wordpress developers reports:
Use a properly generated hash for the newbloguser key instead of a determinate substring.
Add escaping to the language attributes used on html elements.
Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.
Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.
Discovery 2017-11-29 Entry 2017-12-01 wordpress
fr-wordpress
< 4.9.1,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.9.1
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
|
c04dc18f-fcde-11e7-bdf6-00e04c1ea73d | wordpress -- multiple issues
wordpress developers reports:
JavaScript errors that prevented saving posts in Firefox have been fixed.
The previous taxonomy-agnostic behavior of get_category_link() and category_description() was restored.
Switching themes will now attempt to restore previous widget assignments, even when there are no sidebars to map.
Discovery 2018-01-16 Entry 2018-01-19 wordpress
fr-wordpress
< 4.9.2,1
de-wordpress
ja-wordpress
ru-wordpress
zh-wordpress-zh_CN
zh-wordpress-zh_TW
< 4.9.2
https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
|
11325357-1d3c-11eb-ab74-4c72b94353b5 | wordpress -- multiple issues
wordpress developers reports:
Ten security issues affect WordPress versions 5.5.1 and earlier. If you havent yet updated to 5.5,
all WordPress versions since 3.7 have also been updated to fix the following security issues:
-Props to Alex Concha of the WordPress Security Team for their work in hardening deserialization requests.
-Props to David Binovec on a fix to disable spam embeds from disabled sites on a multisite network.
-Thanks to Marc Montas from Sucuri for reporting an issue that could lead to XSS from global variables.
-Thanks to Justin Tran who reported an issue surrounding privilege escalation in XML-RPC. He also found and disclosed an issue around privilege escalation around post commenting via XML-RPC.
-Props to Omar Ganiev who reported a method where a DoS attack could lead to RCE.
-Thanks to Karim El Ouerghemmi from RIPS who disclosed a method to store XSS in post slugs.
-Thanks to Slavco for reporting, and confirmation from Karim El Ouerghemmi, a method to bypass protected meta that could lead to arbitrary file deletion.
Discovery 2020-10-29 Entry 2020-11-02 wordpress
fr-wordpress
< 5.5.2,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 5.5.2
https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
|
be38245e-44d9-11e8-a292-00e04c1ea73d | wordpress -- multiple issues
wordpress developers reports:
Don't treat localhost as same host by default.
Use safe redirects when redirecting the login page if SSL is forced.
Make sure the version string is correctly escaped for use in generator tags.
Discovery 2018-04-03 Entry 2018-04-20 wordpress
fr-wordpress
< 4.9.5,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
< 4.9.5
https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
|
79b65dc5-749f-11ec-8be6-d4c9ef517024 | WordPress -- Multiple Vulnerabilities
The WordPress project reports:
- Issue with stored XSS through post slugs
- Issue with Object injection in some multisite installations
- SQL injection vulnerability in WP_Query
- SQL injection vulnerability in WP_Meta_Query
Discovery 2022-01-06 Entry 2022-01-13 wordpress
< 5.8.3,1
https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/
|
4740174c-82bb-11e8-a29a-00e04c1ea73d | wordpress -- multiple issues
wordpressdevelopers reports:
Taxonomy: Improve cache handling for term queries.
Posts, Post Types: Clear post password cookie when logging out.
Widgets: Allow basic HTML tags in sidebar descriptions on Widgets admin screen.
Community Events Dashboard: Always show the nearest WordCamp if one is coming up, even if there are multiple Meetups happening first.
Privacy: Make sure default privacy policy content does not cause a fatal error when flushing rewrite rules outside of the admin context.
Discovery 2018-07-05 Entry 2018-07-08 wordpress
fr-wordpress
< 4.9.7,1
de-wordpress
zh_CN-wordpress
zh_TW-wordpress
ja-wordpress
ru-wordpress
< 4.9.7
https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
|
5df757ef-a564-11ec-85fa-a0369f7f7be0 | wordpress -- multiple issues
wordpress developers reports:
This security and maintenance release features 1 bug fix in addition to 3 security fixes.
Because this is a security release, it is recommended that you update your sites immediately.
All versions since WordPress 3.7 have also been updated.
The security team would like to thank the following people for responsively reporting
vulnerabilities, allowing them to be fixed in this release:
-Melar Dev, for finding a Prototype Pollution Vulnerability in a jQuery dependency
-Ben Bidner of the WordPress security team, for finding a Stored Cross Site Scripting Vulnerability
-Researchers from Johns Hopkins University, for finding a Prototype Pollution Vulnerability in the block editor
Discovery 2022-03-11 Entry 2022-03-16 wordpress
fr-wordpress
< 5.9.2,1
de-wordpress
zh_CN-wordpress
th_TW-wordpress
ja-wordpress
ru-wordpress
< 5.9.2
https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/
|