exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2017-14990

больше 7 лет назад

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).

CVSS3: 6.5

EPSS: Низкий

CVE-2017-14990

больше 7 лет назад

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).

CVSS3: 6.5

EPSS: Низкий

CVE-2017-14990

больше 7 лет назад

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but ...

CVSS3: 6.5

EPSS: Низкий

GHSA-vhx7-jpm9-345w

около 3 лет назад

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-14990 WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).	CVSS3: 6.5	1% Низкий	больше 7 лет назад
CVE-2017-14990 WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).	CVSS3: 6.5	1% Низкий	больше 7 лет назад
CVE-2017-14990 WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but ...	CVSS3: 6.5	1% Низкий	больше 7 лет назад
GHSA-vhx7-jpm9-345w WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).	CVSS3: 6.5	1% Низкий	около 3 лет назад

Уязвимостей на страницу