Page 60 of 701 results (0.011 seconds)

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2013-5738 – WordPress Core < 3.6.1 - HTML File Upload

https://notcve.org/view.php?id=CVE-2013-5738

The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file. La función get_allowed_mime_types en wp-includes/functions.php de WordPress anterior a 3.6.1 no requiere la capacidad unfiltered_html para subidas de ficheros .htm y .html lo cual podría facilitar a usuarios remotos autenticados realizar un ataque cross-site scripting (XSS) a través de un fichero manipulado • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25322 http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2013-5739 – WordPress Core < 3.6.1 - .swf and .exe File Upload

https://notcve.org/view.php?id=CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php. La configuración por defecto de Wordpress anteriores a 3.6.1 no previene la carga de archivos .swf y .exe, lo que podría hacer fácil para un usuario remoto autentificado realizar ataques cross-site scripting (XSS) a través de archivos manipulados, relacionado con la función get_allowed_mime_types en wp-includes/functions.php. • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25322 http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2

CVE-2013-4339 – WordPress Core < 3.6.1 - Open Redirect

https://notcve.org/view.php?id=CVE-2013-4339

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string. WordPress anterior a v3.6.1 no valida adecuadamente las URLs antes de su uso en una redirección HTTP, lo que permite a atacantes remotos evitar las restricciones establecidas a las redirecciones a través de una cadena hecha mano. WordPress version 3.6 suffers from multiple URL redirection restriction bypass vulnerabilities. • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25323 http://core.trac.wordpress.org/changeset/25324 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116832.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html http://seclists.org/fulldisclosure/2013/Dec/174 http://wordpress.org/news/2013/09/wordpress-3-6-1 http:/ • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 8.8EPSS: 10%CPEs: 1EXPL: 1

CVE-2013-4338 – WordPress Core < 3.6.1 - Deserialization

https://notcve.org/view.php?id=CVE-2013-4338

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations. wp-includes/functions.php en WordPress anterior a 3.6.1 no determina apropiadamente si los datos han sido serializados lo que permite a usuarios remotos ejecutar codigo arbitrario lanzando operaciones PHP erróneas de deserialización • http://codex.wordpress.org/Version_3.6.1 http://core.trac.wordpress.org/changeset/25325 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116828.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116832.html http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117118.html http://wordpress.org/news/2013/09/wordpress-3-6-1 http://www.debian.org/security/2013/dsa-2757 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 7

CVE-2013-5673 – Testimonial < 2.3 - SQL Injection

https://notcve.org/view.php?id=CVE-2013-5673

SQL injection vulnerability in testimonial.php in the IndiaNIC Testimonial plugin 2.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the custom_query parameter in a testimonial_add action to wp-admin/admin-ajax.php. Vulnerabilidad de inyección SQL en testimonial.php en el plugin IndiaNIC Testimonial 2.2 para WordPress permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro custom_query en una acción testimonial_add a wp-admin/admin-ajax.php. • https://www.exploit-db.com/exploits/28054 http://archives.neohapsis.com/archives/bugtraq/2013-09/0006.html http://osvdb.org/96793 http://packetstormsecurity.com/files/123036 http://seclists.org/fulldisclosure/2013/Sep/5 http://seclists.org/oss-sec/2013/q3/531 http://www.exploit-db.com/exploits/28054 http://www.securityfocus.com/bid/62108 https://exchange.xforce.ibmcloud.com/vulnerabilities/86847 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •