CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5492 – WordPress Core < 4.7.1 - Cross-Site Request Forgery via Widget Editing
https://notcve.org/view.php?id=CVE-2017-5492
Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php. Vulnerabilidad de CSRF en la funcionalidad de modo de accesibilidad de edición de widget en WordPress en versiones anteriores a 4.7.1 permite a atacantes remotos secuestrar la autenticación de victimas no especificadas para solicitudes que realizan una acción de acceso a widgets, relacionado con wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php. • http://www.debian.org/security/2017/dsa-3779 http://www.openwall.com/lists/oss-security/2017/01/14/6 http://www.securityfocus.com/bid/95407 http://www.securitytracker.com/id/1037591 https://codex.wordpress.org/Version_4.7.1 https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733 https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8720 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.3EPSS: 87%CPEs: 1EXPL: 8CVE-2017-5487 – WordPress Core < 4.7.1 - Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5487
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request. wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php en la implementación REST API en WordPress 4.7 en versiones anteriores a 4.7.1 no restringe adecuadamente los listados de autores de publicación, lo que permite a atacantes remotos obtener información sensible a través de una petición wp-json/wp/v2/users. • https://www.exploit-db.com/exploits/41497 https://github.com/patilkr/wp-CVE-2017-5487-exploit https://github.com/K3ysTr0K3R/CVE-2017-5487-EXPLOIT https://github.com/GeunSam2/CVE-2017-5487 https://github.com/Jhonsonwannaa/CVE-2017-5487 https://github.com/SeasonLeague/CVE-2017-5487 https://github.com/zkhalidul/GrabberWP-CVE-2017-5487 https://github.com/Ravindu-Priyankara/CVE-2017-5487-vulnerability-on-NSBM http://www.openwall.com/lists/oss-security/2017/01/14/6 http://www • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5488 – WordPress Core < 4.7.1 - Cross-Site Scripting via Name and Version Header of Plugin
https://notcve.org/view.php?id=CVE-2017-5488
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin. Múltiples vulnerabilidades de XSS en wp-admin/update-core.php en WordPress en versiones anteriores a 4.7.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del (1) nombre o (2) encabezado de versión de un plugin. • http://www.debian.org/security/2017/dsa-3779 http://www.openwall.com/lists/oss-security/2017/01/14/6 http://www.securityfocus.com/bid/95397 http://www.securitytracker.com/id/1037591 https://codex.wordpress.org/Version_4.7.1 https://github.com/WordPress/WordPress/commit/c9ea1de1441bb3bda133bf72d513ca9de66566c2 https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8716 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5490 – WordPress Core < 4.7.1 - Stored Cross-Site Scripting via theme directory name
https://notcve.org/view.php?id=CVE-2017-5490
Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php. Vulnerabilidad de XSS en la funcionalidad de retorno de nombre de tema en wp-includes/class-wp-theme.php en WordPress en versiones anteriores a 4.7.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un nombre de directorio manipulado de un tema, relacionado con wp-admin/includes/class-theme-installer-skin.php. • http://www.debian.org/security/2017/dsa-3779 http://www.openwall.com/lists/oss-security/2017/01/14/6 http://www.securityfocus.com/bid/95402 http://www.securitytracker.com/id/1037591 https://codex.wordpress.org/Version_4.7.1 https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359 https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8718 https://www.mehmetince.net/low-severity-wordpress • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5491 – WordPress Core < 4.7.1 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2017-5491
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name. wp-mail.php en WordPress en versiones anteriores a 4.7.1 podría permitir a atacantes remotos eludir las restricciones de publicación previstas a través de un servidor de correo falsificado con el nombre mail.example.com. • http://www.debian.org/security/2017/dsa-3779 http://www.openwall.com/lists/oss-security/2017/01/14/6 http://www.securityfocus.com/bid/95406 http://www.securitytracker.com/id/1037591 https://codex.wordpress.org/Version_4.7.1 https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8719 • CWE-285: Improper Authorization CWE-1188: Initialization of a Resource with an Insecure Default •