Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.808256 |
Kategorie: | Web application abuses |
Titel: | WordPress Multiple Vulnerabilities July16 (Linux) |
Zusammenfassung: | WordPress is prone to multiple vulnerabilities. |
Beschreibung: | Summary: WordPress is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An insufficient validation of user supplied input via attachment name in the column_title function in 'wp-admin/includes/class-wp-media-list-table.php' script. - An error related to 'wp-admin/includes/ajax-actions.php' and 'wp-admin/revision.php' scripts. - An error in customizer. - An insufficient validation of user supplied input via attachment name in the wp_get_attachment_link function in 'wp-includes/post-template.php' script. - An error in 'oEmbed' protocol implementation. - Other multiple unspecified errors. Vulnerability Impact: Successfully exploiting this issue allow remote attacker to inject arbitrary web script or HTML, obtain sensitive information, bypass intended redirection restrictions, cause a denial of service and bypass intended password-change restrictions. Affected Software/OS: WordPress versions prior to 4.5.3 on Linux. Solution: Update to WordPress version 4.5.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
Querverweis: |
BugTraq ID: 91362 BugTraq ID: 91368 BugTraq ID: 91366 BugTraq ID: 91363 BugTraq ID: 91365 BugTraq ID: 91367 BugTraq ID: 91364 Common Vulnerability Exposure (CVE) ID: CVE-2016-5832 http://www.securityfocus.com/bid/91362 Debian Security Information: DSA-3639 (Google Search) http://www.debian.org/security/2016/dsa-3639 https://wpvulndb.com/vulnerabilities/8522 http://www.securitytracker.com/id/1036163 Common Vulnerability Exposure (CVE) ID: CVE-2016-5833 http://www.securityfocus.com/bid/91368 https://wpvulndb.com/vulnerabilities/8518 Common Vulnerability Exposure (CVE) ID: CVE-2016-5834 Common Vulnerability Exposure (CVE) ID: CVE-2016-5835 http://www.securityfocus.com/bid/91366 https://wpvulndb.com/vulnerabilities/8519 Common Vulnerability Exposure (CVE) ID: CVE-2016-5836 http://www.securityfocus.com/bid/91363 https://wpvulndb.com/vulnerabilities/8523 https://lists.debian.org/debian-lts-announce/2018/07/msg00046.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5837 http://www.securityfocus.com/bid/91365 https://wpvulndb.com/vulnerabilities/8520 Common Vulnerability Exposure (CVE) ID: CVE-2016-5838 http://www.securityfocus.com/bid/91367 https://wpvulndb.com/vulnerabilities/8524 Common Vulnerability Exposure (CVE) ID: CVE-2016-5839 http://www.securityfocus.com/bid/91364 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |