Page 18 of 343 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2017-14990 – WordPress Core - All Known Versions - Cleartext Storage of wp_signups.activation_key

https://notcve.org/view.php?id=CVE-2017-14990

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability). La versión 4.8.2 de WordPress almacena valores wp_signups.activation_key en texto claro (pero almacena los valores análogos wp_users.user_activation_key como hashes), lo que podría facilitar que los atacantes remotos secuestren cuentas de usuario sin activar aprovechando el acceso de lectura a las bases de datos (como, por ejemplo, el acceso obtenido mediante una vulnerabilidad de inyección SQL sin especificar). All known versions of WordPress Core store cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability). WordPress version 4.8.2 fails to have an expiration mechanism tied to activation keys allowing for eternal use. • http://www.securitytracker.com/id/1039554 https://core.trac.wordpress.org/ticket/38474 https://www.debian.org/security/2017/dsa-3997 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-14721 – WordPress Core < 4.8.2 - Stored Cross-Site Scripting via Plugin Names

https://notcve.org/view.php?id=CVE-2017-14721

Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name. Antes de la versión 4.8.2, WordPress permitía un ataque de Cross-Site Scripting (XSS) en el editor de plugins mediante un nombre de plugin modificado. • http://www.securityfocus.com/bid/100912 http://www.securitytracker.com/id/1039553 https://core.trac.wordpress.org/changeset/41412 https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release https://www.debian.org/security/2017/dsa-3997 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

CVE-2017-14723 – WordPress Core < 4.8.2 - SQL Injection via Mishandled Placeholders

https://notcve.org/view.php?id=CVE-2017-14723

Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks. Antes de la versión 4.8.2, WordPress no gestionaba correctamente caracteres % y valores de sustitución adicionales en $wpdb->prepare, por lo que no abordaba correctamente la posibilidad de que los plugins o los temas permitiesen los ataques de inyección SQL. • http://www.securityfocus.com/bid/100912 http://www.securitytracker.com/id/1039553 https://core.trac.wordpress.org/changeset/41470 https://core.trac.wordpress.org/changeset/41496 https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48 https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec https://medium.com/websec/wordpress-sqli-bbb2afcc8e94 https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e https://wordpress.org/news/2017/09/wordpress-4-8-2-security • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 202EXPL: 0

CVE-2017-14719 – WordPress Core < 4.8.2 - Directory Traversal during unzip

https://notcve.org/view.php?id=CVE-2017-14719

Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. Antes de la versión 4.8.2, WordPress era susceptible a un ataque de salto de directorio durante operaciones de descompresión en los componentes ZipArchive y PclZip. • http://www.securityfocus.com/bid/100912 http://www.securitytracker.com/id/1039553 https://core.trac.wordpress.org/changeset/41457 https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8911 https://www.debian.org/security/2017/dsa-3997 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-14724 – WordPress Core < 4.8.2 - Cross-Site Scripting in oEmbed

https://notcve.org/view.php?id=CVE-2017-14724

Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery. Antes de la versión 4.8.2, WordPress era vulnerable a Cross-Site Scripting (XSS) en oEmbed Discovery. • http://www.securityfocus.com/bid/100912 http://www.securitytracker.com/id/1039553 https://core.trac.wordpress.org/changeset/41448 https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8913 https://www.debian.org/security/2017/dsa-3997 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •