CVE-2013-0237 – WordPress Core < 3.5.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-0237
Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. Vulnerabilidad de ejecución de comandos en sitios cruzados en Plupload.as en Moxiecode Plupload anteriores a v1.5.5, como el usado en WordPress anteriores a v3.5.1 y otros productos, permiten a atacantes remotos inyectar comandos web o HTML a través del parámetro id. • http://codex.wordpress.org/Version_3.5.1 http://wordpress.org/news/2013/01/wordpress-3-5-1 https://bugzilla.redhat.com/show_bug.cgi?id=904122 https://github.com/moxiecode/plupload/commit/2d746ee9083c184f1234d8fed311e89bdd1b39e5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-5469 – Portable phpMyAdmin <= 1.3.0 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2012-5469
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. El complemento phpMyAdmin Portable antes de v1.3.1 para WordPress permite a atacantes remotos evitar la autenticación y obtener acceso a la consola de phpMyAdmin a través de una solicitud directa al wp-content/plugins/portable-phpmyadmin/wp-pma-mod. The Portable phpMyAdmin plugin before 1.3.0 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. WordPress portable-phpMyAdmin plugin version 1.3.0 fails to validate the existing session allowing a user to navigate directly to the interface. • https://www.exploit-db.com/exploits/23356 http://archives.neohapsis.com/archives/bugtraq/2012-12/0092.html http://wordpress.org/extend/plugins/portable-phpmyadmin/changelog • CWE-264: Permissions, Privileges, and Access Controls CWE-287: Improper Authentication •
CVE-2012-3414 – SWFUpload <= 2.2.0.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-3414
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function. Vulnerabilidad XSS (cross-site scripting) en swfupload.swf en SWFUpload v2.2.0.10 y anteriores, tal y como se utilizaba en Wordpress anterior a v3.3.2, TinyMCE Image Manager v1.1, y otros productos, permite a atacantes remotos inyectar web scripts arbitrarios o HTML mediante el parámetro movieName, relacionado con la función "ExternalInterface.call" Dotclear, InstantCMS, AionWeb, and Dolphin all include a version of swfupload.swf that suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/37470 http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html http://code.google.com/p/swfupload/issues/detail?id=376 http://make.wordpress.org/core/2013/06/21/secure-swfupload http://packetstormsecurity.com/files/122399/TinyMCE-Image-Manager-1.1-Cross-Site-Scripting.html http://www.openwall.com/lists/oss-security/2012/07/16/4 http://www.openwall.com/lists/oss-security/2012/07/17/12 http://www.securityfocus.com/bid/54245 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-5387 – White Label CMS < 1.5.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-5387
Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin before 1.5.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify the developer name via the wlcms_o_developer_name parameter in a save action to wp-admin/admin.php, as demonstrated by a developer name containing XSS sequences. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en wlcms-plugin.php en el plugin White Label CMS anteriores a v1.5.1 para WordPress, permite a atacantes remotos secuestrar la autenticación de los administradores para peticiones que piden que modifique el nombre del desarrollador a través del parámetro wlcms_o_developer_name en una acción save sobre wp-admin/admin.php, como se demostró por el nombre de desarrollador que contiene secuencias XSS. White Label CMS version 1.5 suffers from cross site request forgery and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/22156 http://osvdb.org/86568 http://packetstormsecurity.org/files/117590/White-Label-CMS-1.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html http://wordpress.org/extend/plugins/white-label-cms/changelog http://www.exploit-db.com/exploits/22156 http://www.securityfocus.com/bid/56166 https://exchange.xforce.ibmcloud.com/vulnerabilities/79520 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2012-4421 – WordPress Core < 3.4.2 - Missing Authorization Checks on create_post
https://notcve.org/view.php?id=CVE-2012-4421
The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature. La función create_post en wp-includes/class-wp-atom-server.php en WordPress antes de v3.4.2 no realiza determinadas comprobaciones, lo que permite a usuarios remotos autenticados eludir restricciones de acceso y publicar nuevos mensajes aprovechándose del rol de Colaborador y usando el Protocolo de Publicación (Conocido como AtomPub). • http://codex.wordpress.org/Version_3.4.2 http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1&old=21780&new_path=%2Ftags%2F3.4.2&new=21780#file2 http://openwall.com/lists/oss-security/2012/09/13/4 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •