CVE-2008-0192 – WordPress Core <= 2.0.9 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-0192
Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the popuptitle parameter to (1) wp-admin/post.php or (2) wp-admin/page-new.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en WordPress 2.0.9 y anteriores permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro popuptitle de (1) wp-admin/post.php o (2) wp-admin/page-new.php. • https://www.exploit-db.com/exploits/30978 https://www.exploit-db.com/exploits/30977 http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html http://securityreason.com/securityalert/3539 http://securityvulns.ru/Sdocument714.html http://websecurity.com.ua/1658 http://www.securityfocus.com/archive/1/485786/100/0/threaded http://www.securityfocus.com/bid/27123 https://exchange.xforce.ibmcloud.com/vulnerabilities/39426 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-1244 – WordPress Core <= 2.1.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1244
Cross-site request forgery (CSRF) vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting (XSS) attacks and steal cookies via the post parameter. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en el AdminPanel en WordPress 2.1.1 y anteriores permite a atacantes remotos realizar acciones privilegiadas como administradores, como se demostró con el uso de una acción de borrado en wp-admin/post.php. NOTA: este asunto podría estar apalancado en los ataques de secuencias de comandos en sitios cruzados (XSS) y robar cookies a través del parámetro post. • https://www.exploit-db.com/exploits/29682 http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0583.html http://osvdb.org/33787 http://osvdb.org/33788 http://secunia.com/advisories/24566 http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml http://www.securityfocus.com/archive/1/461351/100/0/threaded http://www.securityfocus.com/bid/22735 https://exchange.xforce.ibmcloud.com/vulnerabilities/32703 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-1049 – WordPress Core < 2.09 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and possibly other vectors involving the action variable. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función wp_explain_nonce de la funcionalidad nonce AYS (wp-includes/functions.php) para WordPress 2.0 anterior a 2.0.9 y 2.1 anterior a 2.1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el parámetro file a wp-admin/templates.php, y posiblemente otros vectores que implican la variable action. • https://www.exploit-db.com/exploits/29598 http://downloads.securityfocus.com/vulnerabilities/exploits/22534.html http://osvdb.org/33766 http://secunia.com/advisories/24306 http://secunia.com/advisories/24566 http://trac.wordpress.org/changeset/4876 http://trac.wordpress.org/changeset/4877 http://trac.wordpress.org/ticket/3781 http://www.gentoo.org/security/en/glsa/glsa-200703-23.xml http://www.securityfocus.com/bid/22534 http://www.vupen.com/english/advisories/2007/0741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-0700 – WordPress Core <= 3.0.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-0700
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, and (5) escaping of tags within the tags meta box. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Wordpress en versiones anteriores a v3.0.5, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro (1) Quick/Bulk Edit title (también conocido como post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, y (5)saliendo de tags sin usar tags meta box . • http://codex.wordpress.org/Version_3.0.5 http://core.trac.wordpress.org/changeset/17397 http://core.trac.wordpress.org/changeset/17401 http://core.trac.wordpress.org/changeset/17406 http://core.trac.wordpress.org/changeset/17412 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056412.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056998.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057003.html http://openwall.com/lists • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-0540 – WordPress Core 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure
https://notcve.org/view.php?id=CVE-2007-0540
WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data. WordPress permite a atacantes remotos provocar una denegación de servicio (agotamiento de ancho de banda o hilos) mediante llamadas al servicio de pingback con un URI origen que corresponde a un archivo con un tipo de contenido binario, que es descargado incluso aunque no puede contener datos de pingback utilizables. • https://www.exploit-db.com/exploits/29522 http://secunia.com/advisories/30013 http://securityreason.com/securityalert/2191 http://www.debian.org/security/2008/dsa-1564 http://www.securityfocus.com/archive/1/457996/100/0/threaded http://www.securityfocus.com/archive/1/458003/100/0/threaded •