Debian Wordpress vulnerabilities

CVE-2015-5623 [MEDIUM] CVE-2015-5623: wordpress - WordPress before 4.2.3 does not properly verify the edit_posts capability, which... WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action to wp-admin/post.php. Scope: local bookworm: resolved (fixed in 4.2.3+dfsg-1) bullseye: resolved (fixed in 4.2

CVE-2015-5734 [MEDIUM] CVE-2015-5734: wordpress - Cross-site scripting (XSS) vulnerability in the legacy theme preview implementat... Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string. Scope: local bookworm: resolved (fixed in 4.2.4+dfsg-1) bullseye: resolved (fixed in 4.2.4+dfsg-1) forky: resolved (fixed in 4.2.4+dfsg-1) sid: re

CVE-2015-3438 [MEDIUM] CVE-2015-3438: wordpress - Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, w... Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment. Scope: local bookworm: resolved (fixed

CVE-2015-5714 [MEDIUM] CVE-2015-5714: wordpress - Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote... Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags. Scope: local bookworm: resolved (fixed in 4.3.1+dfsg-1) bullseye: resolved (fixed in 4.3.1+dfsg-1) forky: resolved (fixed in 4.3.1+dfsg-1) sid:

CVE-2015-5731 [MEDIUM] CVE-2015-5731: wordpress - Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPres... Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action. Scope: local bookworm: resolved (fixed in 4.2.4+dfsg-1) bullseye: resolved (fi

CVE-2015-3440 [MEDIUM] CVE-2015-3440: wordpress - Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress b... Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. Scope: local bookworm: resolved (fixed in 4.2.1+dfsg-1) bullseye: resolved (fixed in 4.2.1+dfsg-1) forky: resolved

CVE-2015-5732 [MEDIUM] CVE-2015-5732: wordpress - Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu... Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title. Scope: local bookworm: resolved (fixed in 4.2.4+dfsg-1) bullseye: resolved (fixed in 4.2.4+dfsg-1) forky: resolved (fixed in 4.2

CVE-2015-5622 [LOW] CVE-2015-5622: wordpress - Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote... Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php. Scope: local bookworm: resolved (fixed in 4.2.3+dfsg-1) bullseye: r

CVE-2014-5203 [HIGH] CVE-2014-5203: wordpress - wp-includes/class-wp-customize-widgets.php in the widget implementation in WordP... wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data. Scope: local bookworm: resolved (fixed in 3.9.2+dfsg-1) bullseye: resolved (fixed in 3.9.2+dfsg-1) forky: resolved (fixed in 3.9.2+dfsg-1) sid: resolved (fixed in 3.9.2+dfsg-1) tri

CVE-2014-2053 [HIGH] CVE-2014-2053: php-getid3 - getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before... getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. Scope: local bookworm: resolved (fixed in 1.9.7-2) bullseye: resolved (fixed in 1.9.7-2) forky: resolved (fixed in 1.9.7-2) sid: res

CVE-2014-0165 [MEDIUM] CVE-2014-0165: wordpress - WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users ... WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php. Scope: local bookworm: resolved (fixed in 3.8.2+dfsg-1) bullseye: resolved (fixed in 3.8.2+dfsg-1) forky: resolved (fixed in 3.8.2+dfsg-1) sid

CVE-2014-9034 [MEDIUM] CVE-2014-9034: wordpress - wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.... wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016. Scope: local bookworm: resolved (fixed in 4.0.1+dfsg-1) bullseye: resolved (fixed

CVE-2014-5266 [MEDIUM] CVE-2014-5266: wordpress - The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal ... The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265. Scope: local bookworm: resolved (fixed in 3.9.

CVE-2014-9038 [MEDIUM] CVE-2014-9038: wordpress - wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before... wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource. Scope: local bookworm: resolved (fixed in 4.0.1+dfsg-1) bullseye: resolved (fixed in 4.0.1+dfsg-1) forky: resolved (fixed in 4.0.1+dfsg-1)

CVE-2014-9035 [MEDIUM] CVE-2014-9035: wordpress - Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5... Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Scope: local bookworm: resolved (fixed in 4.0.1+dfsg-1) bullseye: resolved (fixed in 4.0.1+dfsg-1) forky: resolved (fixed in 4.0.1+dfsg

CVE-2014-5265 [MEDIUM] CVE-2014-5265: wordpress - The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal ... The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity referenc

CVE-2014-0166 [MEDIUM] CVE-2014-0166: wordpress - The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress b... The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie. Scope: local bookworm: resolved (fixed in 3.8.2+dfsg-1) bullseye: resolved (fixed in 3.8.2+dfsg-1) for

CVE-2014-5205 [MEDIUM] CVE-2014-5205: wordpress - wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters duri... wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack. Scope: local bookworm: resolved (fixed in 3.9.2+dfsg-1) bullseye: resolved (fixed in 3.9.2+dfsg-1) forky: resolved

CVE-2014-9036 [MEDIUM] CVE-2014-9036: wordpress - Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3.8.x before... Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets (CSS) token sequence in a post. Scope: local bookworm: resolved (fixed in 4.0.1+dfsg-1) bullseye: resolved (fixed in 4.0.1+dfsg-1) forky:

CVE-2014-9039 [MEDIUM] CVE-2014-9039: wordpress - wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, ... wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message. Scope: local bookworm: resolved (fixed in 4.0.1+dfsg-1) bullseye: resolved (fixed in 4.0.1+dfsg-1) forky: resolved (fixed in 4.0.1+dfsg