CVE-2012-1786 – Videopack (formerly Video Embed & Thumbnail Generator) <= 1.1 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2012-1786
The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors. El formulario de subida de contenido multimedia del complemento Video Embed & Thumbnail Generator anteriores a la versión 2.0 para WordPress permite a atacantes remotos obtener la ruta de instalación a través de vectores sin especificar. • http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924 http://wordpress.org/extend/plugins/video-embed-thumbnail-generator/changelog http://www.securityfocus.com/bid/52652 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2012-1785 – Videopack (formerly Video Embed & Thumbnail Generator) < 2.0 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-1785
kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors. kg_callffmpeg.php en el complemento de Wordpress "Video Embed & Thumbnail Generator" antes de v2.0 permite a atacantes remotos ejecutar comandos de su elección a través de vectores no especificados. The Videopack (formerly Video Embed & Thumbnail Generator) plugin for WordPress is vulnerable to remote code execution in versions up to 2.0 due to insufficient input validation on data supplied to the runCom() function that executes code. This makes it possible for attackers to run arbitrary code on the system. • http://plugins.trac.wordpress.org/changeset?old_path=%2Fvideo-embed-thumbnail-generator&old=507924&new_path=%2Fvideo-embed-thumbnail-generator&new=507924 http://secunia.com/advisories/48087 http://wordpress.org/extend/plugins/video-embed-thumbnail-generator/changelog http://www.securityfocus.com/bid/52180 https://exchange.xforce.ibmcloud.com/vulnerabilities/73508 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-5082 – s2Member® Framework (Membership, Member Level Roles, Access Capabilities, PayPal Members) < 111220 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-5082
Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field). Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el plugin de WordPress 's2Member Pro' antes de v111220 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro s2member_pro_authnet_checkout [coupon](también conocido como Código de cupón). • http://secunia.com/advisories/47954 http://www.primothemes.com/forums/viewtopic.php?f=4&t=16173#p56982 http://www.securityfocus.com/bid/51997 https://exchange.xforce.ibmcloud.com/vulnerabilities/73202 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-0937 – WordPress Core 3.3.1 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time ** CUESTIONADA ** wp-admin/setup-config.php en la instalación del componente en WordPress v3.3.1 y versiones anteriores. No limita el número de peticiones MySQL enviados a servidores externos de la base de datos MySQL, lo que permite que atacantes remotos que usan WordPress como proxy para ataques de fuerza-bruta o denegación de servicio ataquen a través del parámetro 'dbhost', una vulnerabilidad diferente que CVE-2011-4898. NOTA: El vendedor ha puesto en duda la importancia de este informe porque una instalación incompleta de WordPress debería presentarse en la red por un periodo de corto de tiempo. • https://www.exploit-db.com/exploits/18417 http://archives.neohapsis.com/archives/bugtraq/2012-01/0150.html http://www.exploit-db.com/exploits/18417 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt •
CVE-2012-5229 – Slideshow Gallery <= 1.1.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-5229
Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the Slideshow Gallery2 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the border parameter. Vulnerabilidad de ejecución de secuencias de comandos (XSS) css/gallery-css.php en el complemento Slideshow Gallery2 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro border. • https://www.exploit-db.com/exploits/36631 http://packetstormsecurity.org/files/view/109114/wpslideshowgallery-xss.txt http://www.securityfocus.com/bid/51678 https://exchange.xforce.ibmcloud.com/vulnerabilities/72748 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •