CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-9033 – WordPress Core < 4.0.1 - Cross-Site Request Forgery to Authentication Takeover
https://notcve.org/view.php?id=CVE-2014-9033
Cross-site request forgery (CSRF) vulnerability in wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0 allows remote attackers to hijack the authentication of arbitrary users for requests that reset passwords. Vulnerabilidad de CSRF en wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, y 4.0 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios para solicitudes que reconfiguran contraseñas. • http://advisories.mageia.org/MGASA-2014-0493.html http://core.trac.wordpress.org/changeset/30418 http://openwall.com/lists/oss-security/2014/11/25/12 http://www.debian.org/security/2014/dsa-3085 http://www.mandriva.com/security/advisories?name=MDVSA-2014:233 http://www.securitytracker.com/id/1031243 https://wordpress.org/news/2014/11/wordpress-4-0-1 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 98EXPL: 0CVE-2014-0165 – WordPress Core < 3.8.2 - Contributor Users Can Publish Posts
https://notcve.org/view.php?id=CVE-2014-0165
WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php. WordPress anterior a 3.7.2 y 3.8.x anterior a 3.8.2 permite a usuarios remotos autenticados publicar mensajes mediante el aprovechamiento del rol de Colaborador, relacionado con wp-admin/includes/post.php y wp-admin/includes/class-wp-posts-list-table.php. • http://codex.wordpress.org/Version_3.7.2 http://codex.wordpress.org/Version_3.8.2 http://core.trac.wordpress.org/changeset/27976 http://www.debian.org/security/2014/dsa-2901 https://bugzilla.redhat.com/show_bug.cgi?id=1085866 • CWE-264: Permissions, Privileges, and Access Controls CWE-285: Improper Authorization •
CVSS: 6.5EPSS: 1%CPEs: 98EXPL: 1CVE-2014-0166 – WordPress Core < 3.8.2 - Authentication Cookie Forgery
https://notcve.org/view.php?id=CVE-2014-0166
The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie. La función wp_validate_auth_cookie en wp-includes/pluggable.php en WordPress anterior a 3.7.2 y 3.8.x anterior a 3.8.2 no determina debidamente la validez de cookies de autenticación, lo que facilita a atacantes remotos obtener acceso a través de una cookie falsificada. • https://github.com/Ettack/POC-CVE-2014-0166 http://codex.wordpress.org/Version_3.7.2 http://codex.wordpress.org/Version_3.8.2 http://core.trac.wordpress.org/changeset/28054 http://www.debian.org/security/2014/dsa-2901 https://bugzilla.redhat.com/show_bug.cgi?id=1085858 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2013-7233 – WordPress Core < 2.1 - Cross-Site Request Forgery to Denial of Service
https://notcve.org/view.php?id=CVE-2013-7233
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list. V ulnerabilidad Cross-site request forgery (CSRF) en el componente retrospam en wp-admin/options-discussion.php en WordPress 2.0.11 y anteriores permite a atacantes remotos secuestrar la autenticación de los administradores de las solicitudes que mueven comentarios a la moderación de la lista. • https://www.exploit-db.com/exploits/38924 http://seclists.org/fulldisclosure/2013/Dec/145 http://www.osvdb.org/101184 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5738 – WordPress Core < 3.6.1 - HTML File Upload
https://notcve.org/view.php?id=CVE-2013-5738
The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file. La función get_allowed_mime_types en wp-includes/functions.php de WordPress anterior a 3.6.1 no requiere la capacidad unfiltered_html para subidas de ficheros .htm y .html lo cual podría facilitar a usuarios remotos autenticados realizar un ataque cross-site scripting (XSS) a través de un fichero manipulado • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25322 http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •