Changeset View
Changeset View
Standalone View
Standalone View
vuln.xml
Context not available. | |||||
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.) | * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) | ||||
--> | --> | ||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> | <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> | ||||
<vuln vid="a5bb7ea0-3e58-11e7-94a2-00e04c1ea73d"> | |||||
<topic>Wordpress -- multible vulnerabilities</topic> | |||||
<affects> | |||||
<package> | |||||
<name>wordpress</name> | |||||
<range><lt>4.7.5,1</lt></range> | |||||
</package> | |||||
<package> | |||||
<name>de-wordpress</name> | |||||
<name>fr-wordpress</name> | |||||
<name>ja-wordpress</name> | |||||
<name>ru-wordpress</name> | |||||
<name>zh-wordpress-zh_CN</name> | |||||
<name>zh-wordpress-zh_TW</name> | |||||
<range><lt>4.7.5,1</lt></range> | |||||
</package> | |||||
</affects> | |||||
<description> | |||||
<body xmlns="http://www.w3.org/1999/xhtml"> | |||||
<blockquote cite="https://wordpress.org/news/2017/05/wordpress-4-7-5/"> | |||||
<p>WordPress versions 4.7.4 and earlier are affected by six security issues</p> | |||||
<ul> | |||||
<li>Insufficient redirect validation in the HTTP class.</li> | |||||
<li>Improper handling of post meta data values in the XML-RPC API.</li> | |||||
<li>Lack of capability checks for post meta data in the XML-RPC API.</li> | |||||
<li>A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog.</li> | |||||
<li>A cross-site scripting (XSS) vulnerability was discovered related to the Customizer.</li> | |||||
</ul> | |||||
</blockquote> | |||||
</body> | |||||
</description> | |||||
<references> | |||||
<url>https://wordpress.org/news/2017/05/wordpress-4-7-5/</url> | |||||
</references> | |||||
<dates> | |||||
<discovery>2017-05-16</discovery> | |||||
<entry>2017-05-21</entry> | |||||
</dates> | |||||
</vuln> | |||||
<vuln vid="fab87bff-3ce5-11e7-bf9d-001999f8d30b"> | <vuln vid="fab87bff-3ce5-11e7-bf9d-001999f8d30b"> | ||||
<topic>asterisk -- Memory exhaustion on short SCCP packets</topic> | <topic>asterisk -- Memory exhaustion on short SCCP packets</topic> | ||||
<affects> | <affects> | ||||
Context not available. |