CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 0CVE-2007-4894 – WordPress Core < 2.2.3 & WordPress MU < 1.2.5a - SQL Injection
https://notcve.org/view.php?id=CVE-2007-4894
Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and other unspecified parameters related to "early database escaping" and missing validation of "query string like parameters." Múltiples vulnerabilidades de inyección SQL en Wordpress versiones anteriores a 2.2.3 y Wordpress multi-user (MU) versiones anteriores a 1.2.5a permiten a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro post_type en el método pingback.extensions.getPingbacks en el interfaz XMLRPC, y otros parámetros no especificados relativos a "escapado temprano de base de datos" y omisión de validación de "cadena de consulta como parámetros". • http://fedoranews.org/updates/FEDORA-2007-214.shtml http://secunia.com/advisories/26771 http://secunia.com/advisories/26796 http://trac.wordpress.org/ticket/4770 http://wordpress.org/development/2007/09/wordpress-223 http://www.buayacorp.com/files/wordpress/wordpress-sql-injection-advisory.html http://www.vupen.com/english/advisories/2007/3132 https://bugzilla.redhat.com/show_bug.cgi?id=285831 https://exchange.xforce.ibmcloud.com/vulnerabilities/36578 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 2CVE-2008-2146 – WordPress Core < 2.2.3 - Restriction Bypass
https://notcve.org/view.php?id=CVE-2008-2146
wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the PATH_INFO ($PHP_SELF), which allows remote attackers to bypass intended access restrictions for certain pages. El archivo wp-incluye/vars.php en Wordpress versiones anteriores a 2.2.3, no extrae apropiadamente la ruta (path) actual del PATH_INFO ($PHP_SELF), que permite a atacantes remotos omitir las restricciones de acceso previstas para ciertas páginas. • http://osvdb.org/45188 http://trac.wordpress.org/changeset/6029 http://trac.wordpress.org/changeset?old_path=tags%2F2.2.2&old=6063&new_path=tags%2F2.2.3&new=6063#file10 http://trac.wordpress.org/ticket/4748 https://exchange.xforce.ibmcloud.com/vulnerabilities/42379 • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 38EXPL: 0CVE-2008-0664 – WordPress Core < 2.3.3 - Improper Authorization Checks
https://notcve.org/view.php?id=CVE-2008-0664
The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors. La implementación XML-RPC (xmlrpc.php) en versiones anteriores a WordPress 2.3.3, cuando el registro está activado, permite a atacantes remotos editar mensajes de otros usuarios del blog a través de vectores desconocidos. • http://secunia.com/advisories/28823 http://secunia.com/advisories/28920 http://secunia.com/advisories/30960 http://wordpress.org/development/2008/02/wordpress-233 http://www.debian.org/security/2008/dsa-1601 http://www.securityfocus.com/bid/27669 http://www.securitytracker.com/id?1019316 http://www.village-idiot.org/archives/2008/02/02/wordpress-232-exploit-confirmed http://www.vupen.com/english/advisories/2008/0448 https://bugzilla.redhat.com/show_bug.cgi?id=431547 https:& • CWE-264: Permissions, Privileges, and Access Controls CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 3CVE-2008-5695 – WordPress Core < 2.3.3 & WordPress MU < 1.3.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2008-5695
wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins. wp-admin/options.php en versiones de WordPress MU anteriores a la 1.3.2, y WordPress 2.3.2 y anteriores, no valida las solicitudes de actualización de una opción, lo que permite a usuarios remotos que tengan las capacidades manage_options y upload_files y esten autenticados, ejecutar código arbitrario subiendo un Script PHP y añadiendo la ruta de este script a los plugins activos. • https://www.exploit-db.com/exploits/5066 http://mu.wordpress.org/forums/topic.php?id=7534&page&replies=1 http://secunia.com/advisories/28789 http://securityreason.com/securityalert/4798 http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html http://www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt http://www.securityfocus.com/bid/27633 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2007-4893 – WordPress Core <= 2.2.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-4893
wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a does not properly verify the unfiltered_html privilege, which allows remote attackers to conduct cross-site scripting (XSS) attacks via modified data to (1) post.php or (2) page.php with a no_filter field. wp-admin/admin-functions.php de Wordpress versiones anteriores a 2.2.3 y Wordpress multi-user (MU) versiones anteriores a 1.2.5a no verifican apropiadamente el privilegio unfiltered_html, lo cual permite a atacantes remotos conducir ataques de secuencias de comandos en sitios cruzados (XSS) mediante datos modificados en (1) post.php ó (2) page.php con un campo no filtrado. • http://fedoranews.org/updates/FEDORA-2007-214.shtml http://secunia.com/advisories/26771 http://secunia.com/advisories/26796 http://trac.wordpress.org/ticket/4720 http://wordpress.org/development/2007/09/wordpress-223 http://www.securityfocus.com/bid/25639 http://www.vupen.com/english/advisories/2007/3132 https://bugzilla.redhat.com/show_bug.cgi?id=285831 https://exchange.xforce.ibmcloud.com/vulnerabilities/36576 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •