CVE-2012-2401 – WordPress Core <= 3.3.1 - Same Origin Policy Bypass
https://notcve.org/view.php?id=CVE-2012-2401
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content. Plupload antes de v1.5.4, tal y como se utiliza en wp-includes/js/plupload/ en WordPress antes de v3.3.2 y otros productos, permite ejecutar secuencias de comandos, independientemente del dominio desde el que se cargó el contenido SWF, lo que permite a atacantes remotos evitar la política de mismo origen a través de contenido malicioso. • http://core.trac.wordpress.org/browser/branches/3.3/wp-includes/js/plupload/changelog.txt?rev=20487 http://core.trac.wordpress.org/browser/branches/3.3/wp-includes/js/plupload?rev=20487 http://osvdb.org/81461 http://secunia.com/advisories/49138 http://wordpress.org/news/2012/04/wordpress-3-3-2 http://www.debian.org/security/2012/dsa-2470 http://www.plupload.com/punbb/viewtopic.php?id=1685 http://www.securityfocus.com/bid/53192 https://exchange.xforce.ibmcloud.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-2403 – WordPress Core < 3.3.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-2403
wp-includes/formatting.php in WordPress before 3.3.2 attempts to enable clickable links inside attributes, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. wp-includes/formatting.php en WordPress antes de v3.3.2 intenta habilitar los enlaces 'clicables' dentro de los atributos, lo que hace que facilita a los atacantes remotos a la hora de realizar ataques de ejecución de comandos en sitios cruzados(XSS) a través de vectores no especificados. • http://core.trac.wordpress.org/changeset/20493/branches/3.3/wp-includes/capabilities.php http://core.trac.wordpress.org/changeset/20493/branches/3.3/wp-includes/formatting.php http://osvdb.org/81463 http://secunia.com/advisories/48957 http://secunia.com/advisories/49138 http://wordpress.org/news/2012/04/wordpress-3-3-2 http://www.debian.org/security/2012/dsa-2470 http://www.securityfocus.com/bid/53192 https://exchange.xforce.ibmcloud.com/vulnerabilities/75093 https://exch • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-0937 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time ** CUESTIONADA ** wp-admin/setup-config.php en la instalación del componente en WordPress v3.3.1 y versiones anteriores. No limita el número de peticiones MySQL enviados a servidores externos de la base de datos MySQL, lo que permite que atacantes remotos que usan WordPress como proxy para ataques de fuerza-bruta o denegación de servicio ataquen a través del parámetro 'dbhost', una vulnerabilidad diferente que CVE-2011-4898. NOTA: El vendedor ha puesto en duda la importancia de este informe porque una instalación incompleta de WordPress debería presentarse en la red por un periodo de corto de tiempo. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt •
CVE-2012-0782 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0782
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether this specific XSS scenario has security relevance ** CUESTIONADA ** Varias vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en wp-admin/setup-config.php en la instalación de componente en WordPress 3.3.1 y anteriores apermite a atacantes remotos inyectar código HTML o script web a través del parámetro (1)dbhost, (2) dbname, o (3) uname. NOTA: el desarrollador ha disputado la importancia de este vulnerabilidad; no está claro que el escenario XSS específico tenga relevancia de seguridad. WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-4899 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue; however, remote code execution makes the issue important in many realistic environments ** CONTROVERTIDO ** wp-admin/setup-config.php en el componente de instalación de WordPress v3.3.1 y versiones anteriores no garantiza que el servicio de base de datos MySQL especificado sea el apropiado, lo que permite configurar una base de datos de su elección a atacantes remotos a través de los parámetros dbhost y dbname y, posteriormente, realizar una inyección de código estático y ataques de ejecución de comandos en sitios cruzados (XSS) a través de (1) una solicitud HTTP o (2) una consulta MySQL. NOTA: el vendedor se opone a la importancia de esta cuestión, sin embargo, la ejecución de código remoto hace que el problema sea importante en muchos entornos reales. WordPress versions 3.3.1 and below suffer from MySQL username/password disclosure, PHP code execution and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt •