Debian Wordpress vulnerabilities
360 known vulnerabilities affecting debian/wordpress.
Total CVEs: 360
CISA KEV: 0
Public exploits: 67
Exploited in wild: 3
Severity breakdown: CRITICAL 21, HIGH 56, MEDIUM 201, LOW 82
Vulnerabilities
Page 11 of 18
CVE-2013-0236 | MEDIUM | CVSS 4.3 | fixed in wordpress 3.5.1+dfsg-1 (bookworm) | 2013
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post.
Scope: local
bookworm: resolved (fixed in 3.5.1+dfsg-1)
bullseye: resolved (fixed in 3.5.1+dfsg-1)
forky: resolved (fixed in 3.5.1+dfsg-1)
sid: resolve
CVE-2013-7233 | LOW (entry title says MEDIUM) | CVSS 6.8 | PoC | 2013
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
CVE-2013-5739 | LOW | CVSS 3.5 | fixed in wordpress 3.6.1+dfsg-1 (bookworm) | 2013
The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.
Scope: local
bookworm: resolved (fixed in 3.6.1+dfsg-1)
bullseye: r
CVE-2013-4340 | LOW | CVSS 3.5 | fixed in wordpress 3.6.1+dfsg-1 (bookworm) | 2013
wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.
Scope: local
bookworm: resolved (fixed in 3.6.1+dfsg-1)
bullseye: resolved (fixed in 3.6.1+dfsg-1)
forky: resolved (fixed in 3.6.1+dfsg-1)
sid: resolved (fixed in 3.6.1+dfsg-
CVE-2012-2399 | CRITICAL | CVSS 10.0 | fixed in wordpress 3.3.2+dfsg-1 (bookworm) | 2012
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different vulnerability than CVE-2012-3414.
Scope: local
bookworm: resolved (fixed i
CVE-2012-2400 | CRITICAL | CVSS 10.0 | fixed in wordpress 3.3.2+dfsg-1 (bookworm) | 2012
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors.
Scope: local
bookworm: resolved (fixed in 3.3.2+dfsg-1)
bullseye: resolved (fixed in 3.3.2+dfsg-1)
forky: resolved (fixed in 3.3.2+dfsg-1)
sid: resolved (fixed in 3.3.2+dfsg-1)
trixie: resolved (fixed in 3.3.2+dfsg-1)
CVE-2012-6707 | HIGH | CVSS 7.5 | fixed in wordpress 6.8.1+dfsg1-1 (forky) | 2012
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different
CVE-2012-2403 | MEDIUM | CVSS 4.3 | fixed in wordpress 3.3.2+dfsg-1 (bookworm) | 2012
wp-includes/formatting.php in WordPress before 3.3.2 attempts to enable clickable links inside attributes, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 3.3.2+dfsg-1)
bullseye: resolved (fixed in 3.3.2+dfsg-1)
forky: resolved (fixed in 3.3.2+dfsg-1)
sid: r
CVE-2012-3414 | MEDIUM | CVSS 4.3 | PoC | fixed in wordpress 3.5.1+dfsg-1 (bookworm) | 2012
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.
Scope: local
bookworm: resolved (fixed in 3.5.1+df
CVE-2012-3385 | MEDIUM | CVSS 5.0 | fixed in wordpress 3.4.1+dfsg-1 (bookworm) | 2012
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.
Scope: local
bookworm: resolved (fixed in 3.4.1+dfsg-1)
bullseye: resolved (fixed in 3.4.1+dfsg-1)
forky: resolved (fixed in 3.4.1+dfsg-1)
sid: resolved (fixed in
CVE-2012-4421 | MEDIUM | CVSS 4.0 | fixed in wordpress 3.4.2+dfsg-1 (bookworm) | 2012
The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature.
Scope: local
bookworm: resolved (fixed i
CVE-2012-6635 | MEDIUM | CVSS 4.0 | fixed in wordpress 3.4+dfsg-1 (bookworm) | 2012
wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft.
Scope: local
bookworm: resolved (fixed in 3.4+dfsg-1)
bullseye: resolved (fixed in 3.4+dfsg-1)
forky: resolved (fixed in 3.4+dfsg-1)
sid: resolved (fix
CVE-2012-2404 | MEDIUM | CVSS 4.3 | fixed in wordpress 3.3.2+dfsg-1 (bookworm) | 2012
wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 3.3.2+dfsg-1)
bullseye: resolved (fixed in 3.3.2+dfsg-1)
forky: resolved (fixed in 3.3.2+dfsg-1)
sid: resolved (fixed in 3.3.2+dfsg-1)
CVE-2012-6633 | MEDIUM | CVSS 4.3 | fixed in wordpress 3.4+dfsg-1 (bookworm) | 2012
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field.
Scope: local
bookworm: resolved (fixed in 3.4+dfsg-1)
bullseye: resolved (fixed in 3.4+dfsg-1)
forky: resolved (fixed in 3.4+dfsg-1)
sid: resolved (fixed in 3.4+dfsg-1)
trix
CVE-2012-2401 | MEDIUM | CVSS 5.0 | fixed in wordpress 3.3.2+dfsg-1 (bookworm) | 2012
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content.
Scope: local
bookworm: resolved (fixed in 3.3.2+dfsg-1)
bullseye: resolved (fixed in 3.3.2+dfsg
CVE-2012-6112 | MEDIUM | CVSS 5.0 | fixed in wordpress 3.5.1+dfsg-2 (bookworm) | 2012
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote attackers to trigger arbitrary outbound HTTP requests via a crafted str
CVE-2012-3384 | MEDIUM | CVSS 6.8 | fixed in wordpress 3.4.1+dfsg-1 (bookworm) | 2012
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Scope: local
bookworm: resolved (fixed in 3.4.1+dfsg-1)
bullseye: resolved (fixed in 3.4.1+dfsg-1)
forky: resolved (fixed in 3.4.1+dfsg-1)
sid: resolved (fixed in 3.4.1+dfsg-1)
CVE-2012-6634 | MEDIUM | CVSS 6.4 | fixed in wordpress 3.4+dfsg-1 (bookworm) | 2012
wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value.
Scope: local
bookworm: resolved (fixed in 3.4+dfsg-1)
bullseye: resolved (fixed in 3.4+dfsg-1)
forky: resolved (fixed in 3.4+dfsg-1)
sid: resolved (fixed in 3.4+dfsg-1)
trixie: resolved (f
CVE-2012-2402 | MEDIUM | CVSS 5.5 | fixed in wordpress 3.3.2+dfsg-1 (bookworm) | 2012
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 3.3.2+dfsg-1)
bullseye: resolved (fixed in 3.3.2+dfsg-1)
forky: resolved (fixed in 3.3.2+dfsg-1)
sid: resolved (fixed in 3.3.2+df
CVE-2012-4422 | LOW | CVSS 3.5 | fixed in wordpress 3.4.2+dfsg-1 (bookworm) | 2012
wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed plugin, which might allow remote authenticated users to make unintended plugin changes by leveraging the Administrator role.
Scope: local
bookworm: resolved (fixed in 3.4