CVE-2013-4339 – WordPress Core < 3.6.1 - Open Redirect
https://notcve.org/view.php?id=CVE-2013-4339
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string. WordPress anterior a v3.6.1 no valida adecuadamente las URLs antes de su uso en una redirección HTTP, lo que permite a atacantes remotos evitar las restricciones establecidas a las redirecciones a través de una cadena hecha mano. WordPress version 3.6 suffers from multiple URL redirection restriction bypass vulnerabilities. • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25323 http://core.trac.wordpress.org/changeset/25324 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116832.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html http://seclists.org/fulldisclosure/2013/Dec/174 http://wordpress.org/news/2013/09/wordpress-3-6-1 http:/ • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2013-4338 – WordPress Core < 3.6.1 - Deserialization
https://notcve.org/view.php?id=CVE-2013-4338
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations. wp-includes/functions.php en WordPress anterior a 3.6.1 no determina apropiadamente si los datos han sido serializados lo que permite a usuarios remotos ejecutar codigo arbitrario lanzando operaciones PHP erróneas de deserialización • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25325 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116832.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVE-2013-5673 – Testimonial < 2.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2013-5673
SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php. Vulnerabilidad de inyección SQL en testimonial.php en el plugin IndiaNIC Testimonial 2.2 para WordPress permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro custom_query en una acción testimonial_add a wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/28054 http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html http://osvdb.org/96793 http://packetstormsecurity.com/files/123036 http://seclists.org/fulldisclosure/2013/Sep/5 http://seclists.org/oss-sec/2013/q3/531 http://www.exploit-db.com/exploits/28054 http://www.securityfocus.com/bid/62108 https://exchange.xforce.ibmcloud.com/vulnerabilities/86847 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2013-5672 – Testimonial < 2.3 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2013-5672
Multiple cross-site request forgery (CSRF) vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add a testimonial via an iNIC_testimonial_save action; (2) add a listing template via an iNIC_testimonial_save_listing_template action; (3) add a widget template via an iNIC_testimonial_save_widget action; insert cross-site scripting (XSS) sequences via the (4) project_name, (5) project_url, (6) client_name, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, or (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, or (18) widget_template parameter to wp-admin/admin-ajax.php. Multiples vulnerabilidades cross-site request forgery (CSRF) en la extensión extensión IndiaNIC Testimonial 2.2 para WordPress permiten a un atacante remoto secuestrar la autentificación de administradores para peticiones que: (1) añaden un testimonio a través de una acción iNIC_testimonial_save; (2) añadir una plantilla de listado a través de una acción iNIC_testimonial_save_listing_template; (3) añadir una plantilla de widget a través de una acción iNIC_testimonial_save_widget Insertar secuencias cross-site scripting (XSS) a través del parámetro (4) project_name, (5) project_url, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, o (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, o (18) widget_template a wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/28054 http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html http://osvdb.org/96792 http://packetstormsecurity.com/files/123036 http://seclists.org/fulldisclosure/2013/Sep/5 http://seclists.org/oss-sec/2013/q3/531 http://secunia.com/advisories/54640 http://www.exploit-db.com/exploits/28054 http://www.securityfocus.com/bid/62109 https://exchange.xforce.ibmcloud.com/vulnerabilities/86846 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2013-5714 – Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP <= 4.25.3 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-5714
Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php in the VideoWhisper Live Streaming Integration plugin 4.25.3 and possibly earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameter. NOTE: some of these details are obtained from third party information. Multiples vulnerabilidades cross-site scripting (XSS) en ls/htmlchar.php de la extensión para WordPress, VideoWhisper Live Streaming Integration 4.25.3 y posiblemente anteriores permite a un atacate remoto inyectar script web o HTML a discrección a través del parámetro (1) name o (2) message. NOTA: algunos de esos detalles son obtenidos de información de terceros. Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php in the VideoWhisper Live Streaming Integration plugin 4.25.3 and possibly earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameter. • http://archives.neohapsis.com/archives/bugtraq/2013-08/0153.html http://osvdb.org/96593 http://secunia.com/advisories/54619 http://www.iedb.ir/exploits-402.html http://www.securityfocus.com/bid/61977 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •