WordPress — свободно распространяемая система управления содержимым сайта с открытым исходным кодом.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 896
GHSA-34f4-j2gj-cg3x
In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.
GHSA-4h7x-7f94-8hcj
In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js.
GHSA-2wgv-28wx-hxv3
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
GHSA-vqp9-3cmr-vgcc
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
GHSA-2h28-99xh-9cvg
wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL.
GHSA-hgh7-wggh-fw3g
wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site.
GHSA-256m-wxxh-gf6h
wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.
GHSA-gv93-c8vm-3g8r
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
GHSA-m2mg-2mqm-rpwh
In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality.
GHSA-pqh4-x29p-6xrc
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-34f4-j2gj-cg3x In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This. | CVSS3: 6.5 | 13% Средний | больше 3 лет назад |
| GHSA-4h7x-7f94-8hcj In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js. | CVSS3: 5.4 | 2% Низкий | больше 3 лет назад |
| GHSA-2wgv-28wx-hxv3 wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms. | CVSS3: 5.3 | 1% Низкий | больше 3 лет назад |
| GHSA-vqp9-3cmr-vgcc WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php. | CVSS3: 8.8 | 87% Высокий | больше 3 лет назад |
| GHSA-2h28-99xh-9cvg wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL. | CVSS3: 5.4 | 7% Низкий | больше 3 лет назад |
| GHSA-hgh7-wggh-fw3g wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site. | CVSS3: 5.4 | 6% Низкий | больше 3 лет назад |
| GHSA-256m-wxxh-gf6h wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file. | CVSS3: 5.4 | 2% Низкий | больше 3 лет назад |
| GHSA-gv93-c8vm-3g8r In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API. | CVSS3: 8.6 | 2% Низкий | больше 3 лет назад |
| GHSA-m2mg-2mqm-rpwh In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality. | CVSS3: 4.9 | 2% Низкий | больше 3 лет назад |
| GHSA-pqh4-x29p-6xrc wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name. | CVSS3: 5.3 | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу