CVSS: 7.5EPSS: 3%CPEs: 73EXPL: 4CVE-2011-4899 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue; however, remote code execution makes the issue important in many realistic environments ** CONTROVERTIDO ** wp-admin/setup-config.php en el componente de instalación de WordPress v3.3.1 y versiones anteriores no garantiza que el servicio de base de datos MySQL especificado sea el apropiado, lo que permite configurar una base de datos de su elección a atacantes remotos a través de los parámetros dbhost y dbname y, posteriormente, realizar una inyección de código estático y ataques de ejecución de comandos en sitios cruzados (XSS) a través de (1) una solicitud HTTP o (2) una consulta MySQL. NOTA: el vendedor se opone a la importancia de esta cuestión, sin embargo, la ejecución de código remoto hace que el problema sea importante en muchos entornos reales. WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt •
CVSS: 5.0EPSS: 0%CPEs: 73EXPL: 4CVE-2011-4898 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether providing intentionally vague error messages during installation would be reasonable from a usability perspective ** CONTROVERTIDO ** wp-admin/setup-config.php en el componente de instalación de WordPress v3.3.1 y anteriores genera diferentes mensajes de error para las solicitudes que carecen de un parámetro dbname dependiendo de si las credenciales MySQL son válidas, lo facilita a los atacantes remotos a la hora de llevar a cabo ataque de fuerza bruta a través de un gran numero de peticiones con diferentes parámetros 'uname' y 'pwd'. NOTA: el vendedor se opone a la importancia de este problema. Por otra parte, tampoco está claro si proporcionar mensajes de error intencionalmente vagos durante la instalación es razonable desde la perspectiva de la usabilidad. WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3130 – WordPress Core <= 3.1.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2011-3130
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection. wp-includes/taxonomy.php de WordPress 3.1 anteriores a la versión 3.1.3 y 3.2 anteriores a Beta 2 tiene un impacto desconocido y vectores de ataque relacionados con "Taxonomy query hardening", posiblemente involucrando inyección SQL. • http://secunia.com/advisories/49138 http://wordpress.org/news/2011/05/wordpress-3-1-3 http://www.debian.org/security/2012/dsa-2470 http://www.securityfocus.com/bid/47995 https://exchange.xforce.ibmcloud.com/vulnerabilities/69169 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3125 – WordPress Core < 3.1.3 - Security Hardening
https://notcve.org/view.php?id=CVE-2011-3125
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening." Vulnerabilidad no especificada en WordPress v3.1 anterior a v3.1.3 y 3.2 anterior a Beta 2 tiene un impacto y vectores de ataque desconocidos relacionados con "Varios robustecimientos de la seguridad". • http://secunia.com/advisories/49138 http://wordpress.org/news/2011/05/wordpress-3-1-3 http://www.debian.org/security/2012/dsa-2470 https://exchange.xforce.ibmcloud.com/vulnerabilities/69174 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3126 – WordPress Core < 3.1.3 - Username Enumeration
https://notcve.org/view.php?id=CVE-2011-3126
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects. WordPress 3.1 anteriores a 3.1.3 y 3.2 anteriores a Beta 2 permite a atacantes remotos determinar nombres de usuario de no-autores a través de redirecciones "canonical". • http://secunia.com/advisories/49138 http://wordpress.org/news/2011/05/wordpress-3-1-3 http://www.debian.org/security/2012/dsa-2470 http://www.securityfocus.com/bid/47995 https://exchange.xforce.ibmcloud.com/vulnerabilities/69173 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-204: Observable Response Discrepancy •