Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.808256
Kategorie:Web application abuses
Titel:WordPress Multiple Vulnerabilities July16 (Linux)
Zusammenfassung:WordPress is prone to multiple vulnerabilities.
Beschreibung:Summary:
WordPress is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An insufficient validation of user supplied input via attachment name in
the column_title function in 'wp-admin/includes/class-wp-media-list-table.php'
script.

- An error related to 'wp-admin/includes/ajax-actions.php' and
'wp-admin/revision.php' scripts.

- An error in customizer.

- An insufficient validation of user supplied input via attachment name in
the wp_get_attachment_link function in 'wp-includes/post-template.php'
script.

- An error in 'oEmbed' protocol implementation.

- Other multiple unspecified errors.

Vulnerability Impact:
Successfully exploiting this issue allow
remote attacker to inject arbitrary web script or HTML, obtain sensitive
information, bypass intended redirection restrictions, cause a denial
of service and bypass intended password-change restrictions.

Affected Software/OS:
WordPress versions prior to 4.5.3 on Linux.

Solution:
Update to WordPress version 4.5.3 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Querverweis: BugTraq ID: 91362
BugTraq ID: 91368
BugTraq ID: 91366
BugTraq ID: 91363
BugTraq ID: 91365
BugTraq ID: 91367
BugTraq ID: 91364
Common Vulnerability Exposure (CVE) ID: CVE-2016-5832
http://www.securityfocus.com/bid/91362
Debian Security Information: DSA-3639 (Google Search)
http://www.debian.org/security/2016/dsa-3639
https://wpvulndb.com/vulnerabilities/8522
http://www.securitytracker.com/id/1036163
Common Vulnerability Exposure (CVE) ID: CVE-2016-5833
http://www.securityfocus.com/bid/91368
https://wpvulndb.com/vulnerabilities/8518
Common Vulnerability Exposure (CVE) ID: CVE-2016-5834
Common Vulnerability Exposure (CVE) ID: CVE-2016-5835
http://www.securityfocus.com/bid/91366
https://wpvulndb.com/vulnerabilities/8519
Common Vulnerability Exposure (CVE) ID: CVE-2016-5836
http://www.securityfocus.com/bid/91363
https://wpvulndb.com/vulnerabilities/8523
https://lists.debian.org/debian-lts-announce/2018/07/msg00046.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5837
http://www.securityfocus.com/bid/91365
https://wpvulndb.com/vulnerabilities/8520
Common Vulnerability Exposure (CVE) ID: CVE-2016-5838
http://www.securityfocus.com/bid/91367
https://wpvulndb.com/vulnerabilities/8524
Common Vulnerability Exposure (CVE) ID: CVE-2016-5839
http://www.securityfocus.com/bid/91364
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.