CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2017-5493 – WordPress Core < 4.7.1 - Weak Multi-Site Activation Key for User and Site Signup
https://notcve.org/view.php?id=CVE-2017-5493
11 Jan 2017 — wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup. wp-includes/ms-functions.php en la API Multisite WordPress en WordPress en versiones anteriores a 4.7.1 no elige adecuadamente los números aleatorios para claves, lo que hace que más fácil para atacantes remotos eludir las restricciones destina... • http://www.debian.org/security/2017/dsa-3779 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5488 – WordPress Core < 4.7.1 - Cross-Site Scripting via Name and Version Header of Plugin
https://notcve.org/view.php?id=CVE-2017-5488
11 Jan 2017 — Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin. Múltiples vulnerabilidades de XSS en wp-admin/update-core.php en WordPress en versiones anteriores a 4.7.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del (1) nombre o (2) encabezado de versión de un plugin. Several vulnerabilities were discov... • http://www.debian.org/security/2017/dsa-3779 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 93%CPEs: 3EXPL: 11CVE-2016-10045 – PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-10045
28 Dec 2016 — The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033. El transporte isMail en PHPMailer en versiones anteriores a 5.2.20 podrían permitir a atacantes remotos pasar parámetros extra al comando ... • https://packetstorm.news/files/id/140286 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 94%CPEs: 3EXPL: 39CVE-2016-10033 – WordPress Core 4.6 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-10033
26 Dec 2016 — The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property. La función mailSend en el transporte isMail en PHPMailer en versiones anteriores a 5.2.18 podrían permitir a atacantes remotos pasar parámetros extra al comando mail y consecuentemente ejecutar código arbitrario a través de una \" (barra invertida comillas dobl... • https://packetstorm.news/files/id/142486 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7168 – WordPress Core < 4.6.1 - Authenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-7168
07 Sep 2016 — Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename. Vulnerabilidad de XSS en la función media_handle_upload en wp-admin/includes/media.php en WordPress en versiones anteriores a 4.6.1 podría permitir a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios ... • http://www.debian.org/security/2016/dsa-3681 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 0CVE-2016-7169 – WordPress Core < 4.6.1 - Authenticated Directory Traversal to Arbitrary File Access
https://notcve.org/view.php?id=CVE-2016-7169
07 Sep 2016 — Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter. Vulnerabilidad de salto de directorio en la clase File_Upload_Upgrader en wp-admin/includes/class-file-upload-upgrader.php en el cargador del paquete de actualización en WordPress en versiones anteriores a 4.6.1 permite a usuarios remotos ... • http://www.debian.org/security/2016/dsa-3681 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10148 – WordPress Core < 4.6 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2016-10148
16 Aug 2016 — The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896. La función wp_ajax_update_plugin en wp-admin/includes/ajax-actions.php en WordPress en versiones anteriores a 4.6 hace una llamada get_plugin_data antes de comprobar la... • http://www.openwall.com/lists/oss-security/2016/08/20/1 • CWE-254: 7PK - Security Features CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 30%CPEs: 1EXPL: 2CVE-2016-6897 – WordPress Core < 4.6 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2016-6897
16 Aug 2016 — Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896. Vulnerabilidad de CSRF en la función wp_ajax_update_plugin en wp-admin/includes/ajax-actions.php en WordPress en versiones anteriores a 4.6 permite a atacantes remotos ... • https://packetstorm.news/files/id/180504 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-6707 – WordPress Core - Informational < 6.8 - Weak Hashing Algorithm
https://notcve.org/view.php?id=CVE-2012-6707
20 Jun 2012 — WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress wi... • https://core.trac.wordpress.org/ticket/21022 • CWE-261: Weak Encoding for Password CWE-326: Inadequate Encryption Strength •