Page 59 of 660 results (0.007 seconds)

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2013-5739 – WordPress Core < 3.6.1 - .swf and .exe File Upload

https://notcve.org/view.php?id=CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php. La configuración por defecto de Wordpress anteriores a 3.6.1 no previene la carga de archivos .swf y .exe, lo que podría hacer fácil para un usuario remoto autentificado realizar ataques cross-site scripting (XSS) a través de archivos manipulados, relacionado con la función get_allowed_mime_types en wp-includes/functions.php. • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25322 http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2

CVE-2013-4339 – WordPress Core < 3.6.1 - Open Redirect

https://notcve.org/view.php?id=CVE-2013-4339

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string. WordPress anterior a v3.6.1 no valida adecuadamente las URLs antes de su uso en una redirección HTTP, lo que permite a atacantes remotos evitar las restricciones establecidas a las redirecciones a través de una cadena hecha mano. WordPress version 3.6 suffers from multiple URL redirection restriction bypass vulnerabilities. • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25323 http://core.trac.wordpress.org/changeset/25324 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116832.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html http://seclists.org/fulldisclosure/2013/Dec/174 http://wordpress.org/news/2013/09/wordpress-3-6-1 http:/ • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 8.8EPSS: 10%CPEs: 1EXPL: 1

CVE-2013-4338 – WordPress Core < 3.6.1 - Deserialization

https://notcve.org/view.php?id=CVE-2013-4338

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations. wp-includes/functions.php en WordPress anterior a 3.6.1 no determina apropiadamente si los datos han sido serializados lo que permite a usuarios remotos ejecutar codigo arbitrario lanzando operaciones PHP erróneas de deserialización • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25325 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116832.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 7

CVE-2013-5673 – Testimonial < 2.3 - SQL Injection

https://notcve.org/view.php?id=CVE-2013-5673

SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php. Vulnerabilidad de inyección SQL en testimonial.php en el plugin IndiaNIC Testimonial 2.2 para WordPress permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro custom_query en una acción testimonial_add a wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/28054 http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html http://osvdb.org/96793 http://packetstormsecurity.com/files/123036 http://seclists.org/fulldisclosure/2013/Sep/5 http://seclists.org/oss-sec/2013/q3/531 http://www.exploit-db.com/exploits/28054 http://www.securityfocus.com/bid/62108 https://exchange.xforce.ibmcloud.com/vulnerabilities/86847 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 4

CVE-2013-5672 – Testimonial < 2.3 - Cross-Site Request Forgery

https://notcve.org/view.php?id=CVE-2013-5672

Multiple cross-site request forgery (CSRF) vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add a testimonial via an iNIC_testimonial_save action; (2) add a listing template via an iNIC_testimonial_save_listing_template action; (3) add a widget template via an iNIC_testimonial_save_widget action; insert cross-site scripting (XSS) sequences via the (4) project_name, (5) project_url, (6) client_name, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, or (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, or (18) widget_template parameter to wp-admin/admin-ajax.php. Multiples vulnerabilidades cross-site request forgery (CSRF) en la extensión extensión IndiaNIC Testimonial 2.2 para WordPress permiten a un atacante remoto secuestrar la autentificación de administradores para peticiones que: (1) añaden un testimonio a través de una acción iNIC_testimonial_save; (2) añadir una plantilla de listado a través de una acción iNIC_testimonial_save_listing_template; (3) añadir una plantilla de widget a través de una acción iNIC_testimonial_save_widget Insertar secuencias cross-site scripting (XSS) a través del parámetro (4) project_name, (5) project_url, (7) client_city, (8) client_state, (9) description, (10) tags, (11) video_url, o (12) is_featured, (13) title, (14) widget_title, (15) no_of_testimonials, (16) filter_by_country, (17) filter_by_tags, o (18) widget_template a wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/28054 http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html http://osvdb.org/96792 http://packetstormsecurity.com/files/123036 http://seclists.org/fulldisclosure/2013/Sep/5 http://seclists.org/oss-sec/2013/q3/531 http://secunia.com/advisories/54640 http://www.exploit-db.com/exploits/28054 http://www.securityfocus.com/bid/62109 https://exchange.xforce.ibmcloud.com/vulnerabilities/86846 • CWE-352: Cross-Site Request Forgery (CSRF) •