CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2221 – WordPress Core < 4.4.2 - Open Redirect via wp_validate_redirect
https://notcve.org/view.php?id=CVE-2016-2221
Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL. Vulnerabilidad de redirección abierta en la función wp_validate_redirect en wp-includes/pluggable.php en WordPress en versiones anteriores a 4.4.2 permite a atacantes remotos redirigir a los usuarios a sitios web arbitrarios y llevar acabo ataques de phishing a través de una URL mal formada que desencadena un análisis gramatical del nombre de host incorrecto, según lo demostrado mediante una URL https:example.com. • http://www.debian.org/security/2016/dsa-3472 http://www.securityfocus.com/bid/82463 http://www.securitytracker.com/id/1034933 https://codex.wordpress.org/Version_4.4.2 https://core.trac.wordpress.org/changeset/36444 https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8377 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.6EPSS: 1%CPEs: 1EXPL: 1CVE-2016-2222 – WordPress Core < 4.4.2 - Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2016-2222
The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery (SSRF) attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/press-this.php. La función wp_http_validate_url en wp-includes/http.php en WordPress en versiones anteriores a 4.4.2 permite a atacantes remotos llevar a cabo ataques SSRF a través de un valor cero en el primer octeto de una dirección IPv4 en el parámetro u para wp-admin / press-this.php. • http://www.debian.org/security/2016/dsa-3472 http://www.securityfocus.com/bid/82454 http://www.securitytracker.com/id/1034933 https://codex.wordpress.org/Version_4.4.2 https://core.trac.wordpress.org/changeset/36435 https://hackerone.com/reports/110801 https://news.ycombinator.com/item?id=20433070 https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8376 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2016-1564 – WordPress Core < 4.4.1 - Cross-Site Scripting via Theme Names
https://notcve.org/view.php?id=CVE-2016-1564
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php. Múltiples vulnerabilidades de XSS en wp-includes/class-wp-theme.php en WordPress en versiones anteriores a 4.4.1 permiten a atacantes remotos inyectar comandos de web o HTML arbitrarios a través de (1) nombre de hoja de estilo o (2) nombre de plantilla para wp-admin/customize.php. • http://twitter.com/brutelogic/statuses/685105483397619713 http://www.debian.org/security/2016/dsa-3444 http://www.openwall.com/lists/oss-security/2016/01/08/4 http://www.securitytracker.com/id/1034622 https://codex.wordpress.org/Version_4.4.1 https://core.trac.wordpress.org/changeset/36185 https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release https://wpvulndb.com/vulnerabilities/8358 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 12%CPEs: 1EXPL: 0CVE-2015-5714 – WordPress Core < 4.3.1 - Cross-Site Scripting via Shortcodes
https://notcve.org/view.php?id=CVE-2015-5714
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags. Vulnerabilidad de XSS en WordPress en versiones anteriores a 4.3.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios aprovechando el manejo incorrecto de elementos HTML no cerrados durante el procesamiento de etiquetas acortadas. • http://www.debian.org/security/2015/dsa-3375 http://www.debian.org/security/2015/dsa-3383 http://www.securityfocus.com/bid/76745 http://www.securitytracker.com/id/1033979 https://codex.wordpress.org/Version_4.3.1 https://github.com/WordPress/WordPress/commit/f72b21af23da6b6d54208e5c1d65ececdaa109c8 https://security-tracker.debian.org/tracker/CVE-2015-5714 https://wordpress.org/news/2015/09/wordpress-4-3-1 https://wpvulndb.com/vulnerabilities/8186 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5715 – WordPress Core < 4.3.1 - Authorization Bypass to Information Disclosure
https://notcve.org/view.php?id=CVE-2015-5715
The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors. La función mw_editPost en wp-includes/class-wp-xmlrpc-server.php en el subsistema XMLRPC en WordPress en versiones anteriores a 4.3.1 permite a usuarios remotos autenticados eludir las restricciones destinadas al acceso y disponer para una publicación privada que sera publicada y adherida, a través de vectores no especificados. • http://www.debian.org/security/2015/dsa-3375 http://www.debian.org/security/2015/dsa-3383 http://www.securityfocus.com/bid/76748 http://www.securitytracker.com/id/1033979 https://codex.wordpress.org/Version_4.3.1 https://github.com/WordPress/WordPress/commit/9c57f3a4291f2311ae05f22c10eedeb0f69337ab https://security-tracker.debian.org/tracker/CVE-2015-5715 https://wordpress.org/news/2015/09/wordpress-4-3-1 https://wpvulndb.com/vulnerabilities/8188 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •