CVE-2012-3385 – WordPress Core < 3.4.1 - Information Disclosure
https://notcve.org/view.php?id=CVE-2012-3385
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors. WordPress anterior a v3.4.1 no restringe el acceso a publicar contenidos tales como los mensajes privados o proyecto, lo que permite a los autores o colaboradores remotos obtener información sensible a través de vectores desconocidos. • http://codex.wordpress.org/Version_3.4.1 http://www.openwall.com/lists/oss-security/2012/07/02/1 http://www.openwall.com/lists/oss-security/2012/07/08/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-6707 – WordPress Core - Informational - All known Versions - Weak Hashing Algorithm
https://notcve.org/view.php?id=CVE-2012-6707
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions. WordPress hasta la versión 4.8.2 emplea un algoritmo débil de hash de contraseñas basado en MD5, lo que facilita que atacantes determinen valores en texto claro aprovechando el acceso a los valores hash. NOTA: la forma de cambiar esto puede no ser totalmente compatible con ciertos casos de uso, como la migración de un sitio de WordPress desde un host web que emplee una versión reciente de PHP a un host web diferente que emplee PHP 5.2. • https://core.trac.wordpress.org/ticket/21022 • CWE-261: Weak Encoding for Password CWE-326: Inadequate Encryption Strength •
CVE-2012-4263 – iThemes Security < 3.2.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-4263
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_USER_AGENT header. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en inc/admin/content.php en el plugin 'Better WP Security' (better_wp_security) para WordPress antes de v3.2.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de la cabecera HTTP_USER_AGENT. Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (iThemes) plugin before 3.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_USER_AGENT header. • http://bit51.com/software/better-wp-security/changelog http://packetstormsecurity.org/files/112617/WordPress-Better-WP-Security-Cross-Site-Scripting.html http://plugins.trac.wordpress.org/changeset?old_path=%2Fbetter-wp-security&old=542852&new_path=%2Fbetter-wp-security&new=542852 http://www.securityfocus.com/bid/53480 https://exchange.xforce.ibmcloud.com/vulnerabilities/75523 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-4264 – Better WP Security <= 3.2.4 - Multiple Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-4264
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different vulnerability than CVE-2012-4263. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en el plugin 'Better WP Security' (better_wp_security) para WordPress antes de v3.2.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados relacionados con "variables de servidor". Se trata una vulnerabilidad diferente a CVE-2012-4263. • http://bit51.com/software/better-wp-security/changelog http://plugins.trac.wordpress.org/changeset?old_path=%2Fbetter-wp-security&old=542852&new_path=%2Fbetter-wp-security&new=542852 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-1936 – WordPress Core 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-1936
The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and earlier associates a nonce with a user account instead of a user session, which might make it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks on specific actions and objects by sniffing the network, as demonstrated by attacks against the wp-admin/admin-ajax.php and wp-admin/user-new.php scripts. NOTE: the vendor reportedly disputes the significance of this issue because wp_create_nonce operates as intended, even if it is arguably inconsistent with certain CSRF protection details advocated by external organizations ** EN DISPUTA ** La función wp_create_nonce en wp-includes/pluggable.php en WordPress v3.3.1 y anteriores asocia un "nomce" con una cuenta de usuario en lugar de con una sesión de usuario, lo que facilita a atacantes remotos realizar ataques de falsificación de petición en sitios cruzados (CSRF) en acciones específicas y objetos espiando el tráfico de la red, como se demostró con el ataque contra los scripts wp-admin/admin-ajax.php y wp-admin/user-new.php. NOTA: El desarrollador disputa la importancia de este problema, por que wp_create_nonce funciona como está previsto incluso si es incompatible con algunas protecciones CSRF incorporadas por organizaciones externas. WordPress version 3.3.1 suffers from multiple cross site request forgery vulnerabilities. • https://www.exploit-db.com/exploits/18791 http://www.exploit-db.com/exploits/18791 http://www.securityfocus.com/bid/53280 http://www.webapp-security.com/2012/04/wordpress-3-3-1-multiple-csrf-vulnerabilities http://www.webapp-security.com/wp-content/uploads/2012/04/Wordpress-3.3.1-Multiple-CSRF-Vulnerabilities6.txt • CWE-352: Cross-Site Request Forgery (CSRF) •