CVSS: 6.5EPSS: 80%CPEs: 1EXPL: 11CVE-2019-8943 – WordPress Core <= 5.0.3 - Path Traversal and Local File Inclusion
https://notcve.org/view.php?id=CVE-2019-8943
19 Feb 2019 — WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring. WordPress hasta la versión 5.0.3 permite saltos de directorio en wp_crop_image(). • https://packetstorm.news/files/id/161213 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 8.8EPSS: 86%CPEs: 11EXPL: 11CVE-2019-8942 – WordPress Core < 5.0.1 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-8942
19 Feb 2019 — WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943. WordPress, en versiones anteriores a la 4.99 y en las 5.x anteriores a la 5.0.1, permite la ejecución remota de código debido a qu... • https://packetstorm.news/files/id/152396 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2018-20147 – WordPress Core < 5.0.1 - Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2018-20147
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, los autores podrían modificar metadatos para omitir las restricciones planeadas de la eliminación de archivos. Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and PHP injections attacks, delet... • http://www.securityfocus.com/bid/106220 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 2CVE-2018-20148 – WordPress Core < 5.0.1 - PHP Object Injection
https://notcve.org/view.php?id=CVE-2018-20148
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, los contribuyentes pueden llevar a cabo ataques de inyección de objetos PHP mediante metadatos manipulados en una llamada wp.getMe... • https://github.com/nth347/CVE-2018-20148_exploit • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2018-20149 – WordPress Core < 5.0.1 - Stored Cross-Site Scripting via File Uploads
https://notcve.org/view.php?id=CVE-2018-20149
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, cuando se emplea el servidor HTTP de Apache, los autores podrían subir archivos arbitrarios que omiten las restricciones de tipo MIME planeadas, lo que conduce a Cross-Site Scripting (XSS). Est... • http://www.securityfocus.com/bid/106220 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-20150 – WordPress Core < 5.0.1 Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-20150
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, las URL manipuladas podrían desencadenar Cross-Site Scripting (XSS) para ciertos casos de uso relacionados con los plugins. Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and PHP injections attacks, d... • http://www.securityfocus.com/bid/106220 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-20151 – WordPress Core < 5.0.1 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2018-20151
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, la página de activación de usuarios podría ser leída por el crawler web de un motor de búsqueda si se elige una configuración inusual. ... • http://www.securityfocus.com/bid/106220 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-20152 – WordPress Core < 5.0.1 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2018-20152
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, los autores podrían omitir las restricciones planeadas sobre los tipos de publicación mediante entradas manipuladas. Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and PHP injections attacks, dele... • http://www.securityfocus.com/bid/106220 • CWE-20: Improper Input Validation CWE-285: Improper Authorization •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2018-20153 – WordPress Core < 5.0.1 - Authenticated Stored Cross-Site Scripting via Comments
https://notcve.org/view.php?id=CVE-2018-20153
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, los contribuyentes podrían modificar nuevos comentarios realizados por los usuarios con mayores privilegios, lo que podría provocar Cross-Site Scripting (XSS). Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform ... • http://www.securityfocus.com/bid/106220 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-19296 – Ubuntu Security Notice USN-5956-2
https://notcve.org/view.php?id=CVE-2018-19296
16 Nov 2018 — PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack. PHPMailer en versiones anteriores a la 5.2.27 y versiones 6.x anteriores a la 6.0.6 es vulnerable a un ataque de inyección de objetos. Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. • https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.27 • CWE-502: Deserialization of Untrusted Data CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •