 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.808255 |
| Categoría: | Web application abuses |
| Título: | WordPress Multiple Vulnerabilities (Jul 2016) - Windows |
| Resumen: | WordPress is prone to multiple vulnerabilities. |
| Descripción: | Summary: WordPress is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An insufficient validation of user supplied input via attachment name in the column_title function in 'wp-admin/includes/class-wp-media-list-table.php' script. - An error related to 'wp-admin/includes/ajax-actions.php' and 'wp-admin/revision.php' scripts. - An error in customizer. - An insufficient validation of user supplied input via attachment name in the wp_get_attachment_link function in 'wp-includes/post-template.php' script. - An error in 'oEmbed' protocol implementation. - Other multiple unspecified errors. Vulnerability Impact: Successfully exploiting this issue allow remote attacker to inject arbitrary web script or HTML, obtain sensitive information, bypass intended redirection restrictions, cause a denial of service and bypass intended password-change restrictions. Affected Software/OS: WordPress versions prior to 4.5.3 on Windows. Solution: Update to WordPress version 4.5.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-5832 BugTraq ID: 91362 http://www.securityfocus.com/bid/91362 Debian Security Information: DSA-3639 (Google Search) http://www.debian.org/security/2016/dsa-3639 https://wpvulndb.com/vulnerabilities/8522 http://www.securitytracker.com/id/1036163 Common Vulnerability Exposure (CVE) ID: CVE-2016-5833 BugTraq ID: 91368 http://www.securityfocus.com/bid/91368 https://wpvulndb.com/vulnerabilities/8518 Common Vulnerability Exposure (CVE) ID: CVE-2016-5834 Common Vulnerability Exposure (CVE) ID: CVE-2016-5835 BugTraq ID: 91366 http://www.securityfocus.com/bid/91366 https://wpvulndb.com/vulnerabilities/8519 Common Vulnerability Exposure (CVE) ID: CVE-2016-5836 BugTraq ID: 91363 http://www.securityfocus.com/bid/91363 https://wpvulndb.com/vulnerabilities/8523 https://lists.debian.org/debian-lts-announce/2018/07/msg00046.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5837 BugTraq ID: 91365 http://www.securityfocus.com/bid/91365 https://wpvulndb.com/vulnerabilities/8520 Common Vulnerability Exposure (CVE) ID: CVE-2016-5838 BugTraq ID: 91367 http://www.securityfocus.com/bid/91367 https://wpvulndb.com/vulnerabilities/8524 Common Vulnerability Exposure (CVE) ID: CVE-2016-5839 BugTraq ID: 91364 http://www.securityfocus.com/bid/91364 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |