CVSS: 5.0EPSS: 0%CPEs: 73EXPL: 4CVE-2011-4898 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether providing intentionally vague error messages during installation would be reasonable from a usability perspective ** CONTROVERTIDO ** wp-admin/setup-config.php en el componente de instalación de WordPress v3.3.1 y anteriores genera diferentes mensajes de error para las solicitudes que carecen de un parámetro dbname dependiendo de si las credenciales MySQL son válidas, lo facilita a los atacantes remotos a la hora de llevar a cabo ataque de fuerza bruta a través de un gran numero de peticiones con diferentes parámetros 'uname' y 'pwd'. NOTA: el vendedor se opone a la importancia de este problema. Por otra parte, tampoco está claro si proporcionar mensajes de error intencionalmente vagos durante la instalación es razonable desde la perspectiva de la usabilidad. WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-1762 – WordPress Core < 3.1.2 - Incorrect Authorization for Contributor-level users
https://notcve.org/view.php?id=CVE-2011-1762
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission. Se presenta un fallo en Wordpress relacionado con el script "wp-admin/press-this.php" que comprueba incorrectamente los permisos de usuario cuando son publicados posts. Esto puede permitir que un usuario con privilegios de tipo "Contributor-level" publique como si tuviera permiso "publish_posts" • https://wordpress.org/support/wordpress-version/version-3-1-2 • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 1CVE-2011-5270 – WordPress Core < 3.0.6 - Incorrect Authorization Checks
https://notcve.org/view.php?id=CVE-2011-5270
wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contributor role. wp-admin/press-this.php en WordPress anterior a la versión 3.0.6 no cumple los requisitos de capacidad publish_posts, lo que permite a usuarios remotos autenticados realizar acciones de publicación mediante el aprovechamiento del rol de Contributor. • http://codex.wordpress.org/Version_3.0.6 https://core.trac.wordpress.org/changeset/17710 • CWE-264: Permissions, Privileges, and Access Controls CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 1%CPEs: 75EXPL: 0CVE-2011-4957 – WordPress Core < 3.1.1 - Denial of Service
https://notcve.org/view.php?id=CVE-2011-4957
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls. La función make_clickable en wp-includes/formatting.php en WordPress antes de v3.1.1 no comprueba las URL correctamente antes de pasarlas a la biblioteca PCRE, lo que permite a atacantes remotos provocar una denegación de servicio (caída) a través de un comentario con una URL modificada que lanza muchas llamadas recursivas. • http://core.trac.wordpress.org/ticket/16892 http://secunia.com/advisories/44038 http://secunia.com/advisories/49138 http://wordpress.org/news/2011/04/wordpress-3-1-1 http://www.debian.org/security/2012/dsa-2470 http://www.openwall.com/lists/oss-security/2012/04/19/17 http://www.openwall.com/lists/oss-security/2012/04/19/6 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: 75EXPL: 0CVE-2011-4956 – WordPress Core <= 3.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-4956
Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en WordPress antes de v3.1.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://secunia.com/advisories/44038 http://secunia.com/advisories/49138 http://wordpress.org/news/2011/04/wordpress-3-1-1 http://www.debian.org/security/2012/dsa-2470 http://www.openwall.com/lists/oss-security/2012/04/19/17 http://www.openwall.com/lists/oss-security/2012/04/19/6 http://www.osvdb.org/72141 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •