exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2013-5739

около 12 лет назад

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS2: 3.5

EPSS: Низкий

CVE-2013-5739

около 12 лет назад

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS2: 3.5

EPSS: Низкий

CVE-2013-5739

около 12 лет назад

The default configuration of WordPress before 3.6.1 does not prevent u ...

CVSS2: 3.5

EPSS: Низкий

GHSA-v4p8-jvp4-22m6

больше 3 лет назад

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2013-5739 The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.	CVSS2: 3.5	0% Низкий	около 12 лет назад
CVE-2013-5739 The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.	CVSS2: 3.5	0% Низкий	около 12 лет назад
CVE-2013-5739 The default configuration of WordPress before 3.6.1 does not prevent u ...	CVSS2: 3.5	0% Низкий	около 12 лет назад
GHSA-v4p8-jvp4-22m6 The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.		0% Низкий	больше 3 лет назад

Уязвимостей на страницу