CVE-2015-5715 – WordPress Core < 4.3.1 - Authorization Bypass to Information Disclosure
https://notcve.org/view.php?id=CVE-2015-5715
Description: The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors.
References:
  http://www.debian.org/security/2015/dsa-3375
  http://www.debian.org/security/2015/dsa-3383
  http://www.securityfocus.com/bid/76748
  http://www.securitytracker.com/id/1033979
  https://codex.wordpress.org/Version_4.3.1
  https://github.com/WordPress/WordPress/commit/9c57f3a4291f2311ae05f22c10eedeb0f69337ab
  https://security-tracker.debian.org/tracker/CVE-2015-5715
  https://wordpress.org/news/2015/09/wordpress-4-3-1
  https://wpvulndb.com/vulnerabilities/8188
Weaknesses: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor; CWE-264: Permissions, Privileges, and Access Controls
CVE-2015-7989 – WordPress Core < 4.3.1 - Authenticated Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-7989
Description: Cross-site scripting (XSS) vulnerability in the user list table in WordPress before 4.3.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted e-mail address, a different vulnerability than CVE-2015-5714.
References:
  http://www.debian.org/security/2015/dsa-3375
  http://www.debian.org/security/2015/dsa-3383
  http://www.securitytracker.com/id/1033979
  https://codex.wordpress.org/Version_4.3.1
  https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
  https://security-tracker.debian.org/tracker/CVE-2015-7989
  https://wordpress.org/news/2015/09/wordpress-4-3-1
  https://wpvulndb.com/vulnerabilities/8187
Weaknesses: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2015-5714 – WordPress Core < 4.3.1 - Cross-Site Scripting via Shortcodes
https://notcve.org/view.php?id=CVE-2015-5714
Description: Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
References:
  http://www.debian.org/security/2015/dsa-3375
  http://www.debian.org/security/2015/dsa-3383
  http://www.securityfocus.com/bid/76745
  http://www.securitytracker.com/id/1033979
  https://codex.wordpress.org/Version_4.3.1
  https://github.com/WordPress/WordPress/commit/f72b21af23da6b6d54208e5c1d65ececdaa109c8
  https://security-tracker.debian.org/tracker/CVE-2015-5714
  https://wordpress.org/news/2015/09/wordpress-4-3-1
  https://wpvulndb.com/vulnerabilities/8186
Weaknesses: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2015-5730 – WordPress Core < 4.2.4 - Timing Side-Channel Attack
https://notcve.org/view.php?id=CVE-2015-5730
Description: The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress before 4.2.4 does not use a constant-time comparison for widgets, which allows remote attackers to conduct a timing side-channel attack by measuring the delay before inequality is calculated.
References:
  http://openwall.com/lists/oss-security/2015/08/04/7
  http://www.debian.org/security/2015/dsa-3332
  http://www.securityfocus.com/bid/76160
  http://www.securitytracker.com/id/1033178
  https://codex.wordpress.org/Version_4.2.4
  https://core.trac.wordpress.org/changeset/33535
  https://core.trac.wordpress.org/changeset/33536
  https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release
  https://wpvulndb.com/vulnerabilities/8130
Weaknesses: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor; CWE-208: Observable Timing Discrepancy
CVE-2015-5731 – WordPress Core < 4.2.4 - Cross-Site Request Forgery to Post Lockage
https://notcve.org/view.php?id=CVE-2015-5731
Description: Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.
References:
  http://openwall.com/lists/oss-security/2015/08/04/7
  http://www.debian.org/security/2015/dsa-3332
  http://www.debian.org/security/2015/dsa-3383
  http://www.securityfocus.com/bid/76160
  http://www.securitytracker.com/id/1033178
  https://codex.wordpress.org/Version_4.2.4
  https://core.trac.wordpress.org/changeset/33542
  https://core.trac.wordpress.org/changeset/33543
  https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release
Weaknesses: CWE-352: Cross-Site Request Forgery (CSRF)