CVE-2015-5730 – WordPress Core < 4.2.4 - Timing Side-Channel Attack
https://notcve.org/view.php?id=CVE-2015-5730
The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress before 4.2.4 does not use a constant-time comparison for widgets, which allows remote attackers to conduct a timing side-channel attack by measuring the delay before inequality is calculated. La función sanitize_widget_instance en wp-includes/class-wp-customize-widgets.php en WordPress en versiones anteriores a 4.2.4 no usa una comparación a tiempo constante para los widgets, lo que permite a atacantes remotos llevar a cabo un ataque de sincronización de canal lateral midiendo el retraso antes de que sea calculada la desigualdad. • http://openwall.com/lists/oss-security/2015/08/04/7 http://www.debian.org/security/2015/dsa-3332 http://www.securityfocus.com/bid/76160 http://www.securitytracker.com/id/1033178 https://codex.wordpress.org/Version_4.2.4 https://core.trac.wordpress.org/changeset/33535 https://core.trac.wordpress.org/changeset/33536 https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8130 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-208: Observable Timing Discrepancy •
CVE-2015-5731 – WordPress Core < 4.2.4 - Cross-Site Request Forgery to Post Lockage
https://notcve.org/view.php?id=CVE-2015-5731
Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action. Vulnerabilidad de CSRF en wp-admin/post.php en WordPress en versiones anteriores a 4.2.4 permite a atacantes remotos secuestrar la autenticación de los administradores para peticiones que bloquean una entrada, y por tanto causar una denegación de servicio (bloqueo de edición), a través de una acción get-post-lock. • http://openwall.com/lists/oss-security/2015/08/04/7 http://www.debian.org/security/2015/dsa-3332 http://www.debian.org/security/2015/dsa-3383 http://www.securityfocus.com/bid/76160 http://www.securitytracker.com/id/1033178 https://codex.wordpress.org/Version_4.2.4 https://core.trac.wordpress.org/changeset/33542 https://core.trac.wordpress.org/changeset/33543 https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2015-2213 – WordPress Core < 4.2.4 - SQL Injection
https://notcve.org/view.php?id=CVE-2015-2213
SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash. Vulnerabilidad de inyección SQL en la función wp_untrash_post_comments en wp-includes/post.php en WordPress en versiones anteriores a 4.2.4 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de un comentario que no es manejado correctamente después de haber sido recuperado de la papelera de reciclaje. • http://openwall.com/lists/oss-security/2015/08/04/7 http://www.debian.org/security/2015/dsa-3332 http://www.debian.org/security/2015/dsa-3383 http://www.securityfocus.com/bid/76160 http://www.securitytracker.com/id/1033178 https://codex.wordpress.org/Version_4.2.4 https://core.trac.wordpress.org/changeset/33555 https://core.trac.wordpress.org/changeset/33556 https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release https://wpvulndb.com/ • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2015-5732 – WordPress Core < 4.2.4 - Cross-Site Scripting via Widget Title
https://notcve.org/view.php?id=CVE-2015-5732
Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title. Vulnerabilidad de XSS en la función form en la clase WP_Nav_Menu_Widget en wp-includes/default-widgets.php en WordPress en versiones anteriores a 4.2.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un título de widget. • http://openwall.com/lists/oss-security/2015/08/04/7 http://www.debian.org/security/2015/dsa-3332 http://www.debian.org/security/2015/dsa-3383 http://www.securityfocus.com/bid/76160 http://www.securitytracker.com/id/1033178 https://codex.wordpress.org/Version_4.2.4 https://core.trac.wordpress.org/changeset/33529 https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8131 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-5733 – WordPress Core < 4.2.4 - Stored Cross-Site Scripting via accessibility-helper Title
https://notcve.org/view.php?id=CVE-2015-5733
Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title. Vulnerabilidad de XSS en la función refreshAdvancedAccessibilityOfItem en wp-admin/js/nav-menu.js en WordPress en versiones anteriores a 4.2.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un título de asistente de accesibilidad. • http://openwall.com/lists/oss-security/2015/08/04/7 http://www.securityfocus.com/bid/76331 http://www.securitytracker.com/id/1033178 https://codex.wordpress.org/Version_4.2.4 https://core.trac.wordpress.org/changeset/33540 https://core.trac.wordpress.org/changeset/33541 https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8132 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •