2231 lines
73 KiB
XML
2231 lines
73 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:noNamespaceSchemaLocation="vuln.xsd">
|
|
|
|
<wordpress version="3.6">
|
|
<vulnerability>
|
|
<title>PHP Object Injection</title>
|
|
<references>
|
|
<url>http://vagosec.org/2013/09/wordpress-php-object-injection/</url>
|
|
<url>http://www.openwall.com/lists/oss-security/2013/09/12/1</url>
|
|
<url>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340</url>
|
|
<url>http://core.trac.wordpress.org/changeset/25325</url>
|
|
<secunia>54803</secunia>
|
|
<cve>2013-4338</cve>
|
|
<osvdb>97211</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
<fixed_in>3.6.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>wp-includes/functions.php get_allowed_mime_types Function SWF / EXE File Upload XSS Weakness</title>
|
|
<references>
|
|
<osvdb>97210</osvdb>
|
|
<cve>2013-5739</cve>
|
|
<url>http://core.trac.wordpress.org/changeset/25322</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
<fixed_in>3.6.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Crafted String URL Redirect Restriction Bypass</title>
|
|
<references>
|
|
<osvdb>97212</osvdb>
|
|
<cve>2013-4339</cve>
|
|
<secunia>54803</secunia>
|
|
<url>http://packetstormsecurity.com/files/123589/</url>
|
|
<url>http://core.trac.wordpress.org/changeset/25323</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
<fixed_in>3.6.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>wp-admin/includes/post.php user_ID Parameter Manipulation Post Authorship Spoofing</title>
|
|
<references>
|
|
<osvdb>97213</osvdb>
|
|
<cve>2013-4340</cve>
|
|
<secunia>54803</secunia>
|
|
<url>http://core.trac.wordpress.org/changeset/25321</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
<fixed_in>3.6.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>wp-includes/functions.php get_allowed_mime_types Function HTML File Upload XSS Weakness</title>
|
|
<references>
|
|
<osvdb>97214</osvdb>
|
|
<cve>2013-5738</cve>
|
|
<url>http://core.trac.wordpress.org/changeset/25322</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
<fixed_in>3.6.1</fixed_in>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.5.2">
|
|
<vulnerability>
|
|
<title>SWFUpload Content Spoofing</title>
|
|
<references>
|
|
<url>http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html</url>
|
|
<url>https://github.com/wpscanteam/wpscan/issues/243</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.5.1">
|
|
<vulnerability>
|
|
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
|
|
<references>
|
|
<osvdb>95060</osvdb>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
<fixed_in>3.5.2</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
|
|
<secunia>53676</secunia>
|
|
<osvdb>94235</osvdb>
|
|
<cve>2013-2173</cve>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress Multiple XSS</title>
|
|
<references>
|
|
<osvdb>94791</osvdb>
|
|
<osvdb>94785</osvdb>
|
|
<osvdb>94786</osvdb>
|
|
<osvdb>94790</osvdb>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness</title>
|
|
<references>
|
|
<osvdb>94787</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress File Upload Unspecified Path Disclosure</title>
|
|
<references>
|
|
<osvdb>94788</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure</title>
|
|
<references>
|
|
<osvdb>94789</osvdb>
|
|
</references>
|
|
<type>XXE</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress Multiple Role Remote Privilege Escalation</title>
|
|
<references>
|
|
<osvdb>94783</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress HTTP API Unspecified Server Side Request Forgery (SSRF)</title>
|
|
<references>
|
|
<osvdb>94784</osvdb>
|
|
</references>
|
|
<type>SSRF</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.5">
|
|
<vulnerability>
|
|
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
|
|
<references>
|
|
<osvdb>95060</osvdb>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
<fixed_in>3.5.2</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
|
|
<secunia>53676</secunia>
|
|
<osvdb>94235</osvdb>
|
|
<cve>2013-2173</cve>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4.2">
|
|
<vulnerability>
|
|
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
|
|
<references>
|
|
<osvdb>95060</osvdb>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
<fixed_in>3.5.2</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
|
|
<secunia>53676</secunia>
|
|
<osvdb>94235</osvdb>
|
|
<cve>2013-2173</cve>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4.2 Cross Site Request Forgery</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html</url>
|
|
</references>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4.1">
|
|
<vulnerability>
|
|
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
|
|
<references>
|
|
<osvdb>95060</osvdb>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
<fixed_in>3.5.2</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
|
|
<secunia>53676</secunia>
|
|
<osvdb>94235</osvdb>
|
|
<cve>2013-2173</cve>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4">
|
|
<vulnerability>
|
|
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
|
|
<references>
|
|
<osvdb>95060</osvdb>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
<fixed_in>3.5.2</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
|
|
<secunia>53676</secunia>
|
|
<osvdb>94235</osvdb>
|
|
<cve>2013-2173</cve>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.4-beta4">
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
|
|
<references>
|
|
<exploitdb>18791</exploitdb>
|
|
</references>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3.3">
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3.2">
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
|
|
<references>
|
|
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
|
|
<references>
|
|
<exploitdb>18791</exploitdb>
|
|
</references>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 3.3.2 Cross Site Scripting</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/113254</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3.1">
|
|
<vulnerability>
|
|
<title>Multiple vulnerabilities including XSS and Privilege Escalation</title>
|
|
<references>
|
|
<url>http://wordpress.org/news/2012/04/wordpress-3-3-2/</url>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
|
|
<references>
|
|
<exploitdb>18791</exploitdb>
|
|
</references>
|
|
<type>CSRF</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.3">
|
|
<vulnerability>
|
|
<title>Reflected Cross-Site Scripting in WordPress 3.3</title>
|
|
<references>
|
|
<url>http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.2.1">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.2">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.3">
|
|
<vulnerability>
|
|
<title>Multiple SQL Injection Vulnerabilities</title>
|
|
<references>
|
|
<exploitdb>17465</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.2">
|
|
<vulnerability>
|
|
<title>Wordpress <= 3.1.2 Clickjacking Vulnerability</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2011/Sep/219</url>
|
|
<url>http://www.securityfocus.com/bid/49730</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1.1">
|
|
<vulnerability>
|
|
<title>WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS</title>
|
|
<references>
|
|
<osvdb>72142</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.1">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.6">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.5">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.3">
|
|
<vulnerability>
|
|
<title>SQL injection vulnerability in do_trackbacks() Wordpress function</title>
|
|
<references>
|
|
<exploitdb>15684</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 3.0.3 stored XSS IE7,6 NS8.1</title>
|
|
<references>
|
|
<exploitdb>15858</exploitdb>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.2">
|
|
<vulnerability>
|
|
<title>WordPress XML-RPC Interface Access Restriction Bypass</title>
|
|
<references>
|
|
<osvdb>69761</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0.1">
|
|
<vulnerability>
|
|
<title>WordPress: Information Disclosure via SQL Injection Attack</title>
|
|
<references>
|
|
<url>http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/</url>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="3.0">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.9.2">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.9.1">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.9">
|
|
<vulnerability>
|
|
<title>WordPress 2.9 Failure to Restrict URL Access</title>
|
|
<references>
|
|
<exploitdb>11441</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress DOS <= 2.9</title>
|
|
<references>
|
|
<exploitdb>11441</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.6">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.5">
|
|
<vulnerability>
|
|
<title>WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution</title>
|
|
<references>
|
|
<exploitdb>10089</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.3">
|
|
<vulnerability>
|
|
<title>Wordpress <= 2.8.3 Remote Admin Reset Password Vulnerability</title>
|
|
<references>
|
|
<exploitdb>9410</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.2">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8.1">
|
|
<vulnerability>
|
|
<title>Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit</title>
|
|
<references>
|
|
<exploitdb>9250</exploitdb>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.8">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.7.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.7">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.5">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.4">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.3">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit</title>
|
|
<references>
|
|
<exploitdb>6421</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.6">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.5.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.5">
|
|
<vulnerability>
|
|
<title>Wordpress 2.5 Cookie Integrity Protection Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/archive/1/archive/1/491356/100/0/threaded</url>
|
|
<cve>2008-1930</cve>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XSS vulnerability in swfupload in WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability</title>
|
|
<references>
|
|
<exploitdb>4721</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.3">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit</title>
|
|
<references>
|
|
<exploitdb>4113</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit</title>
|
|
<references>
|
|
<exploitdb>4039</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit</title>
|
|
<references>
|
|
<exploitdb>3960</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress "year" Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<secunia>24485</secunia>
|
|
<url>http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit</title>
|
|
<references>
|
|
<exploitdb>3656</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.1">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.11">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.10">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.9">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.8">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.7">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.6">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit</title>
|
|
<references>
|
|
<exploitdb>3109</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.5">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit</title>
|
|
<references>
|
|
<exploitdb>3095</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.4">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.3">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.2">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit</title>
|
|
<references>
|
|
<exploitdb>6</exploitdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0.1">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="2.0">
|
|
<vulnerability>
|
|
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
|
|
<references>
|
|
<url>http://www.securityfocus.com/bid/35584/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.2">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1.3">
|
|
<vulnerability>
|
|
<title>Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)</title>
|
|
<references>
|
|
<exploitdb>1145</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1.2">
|
|
<vulnerability>
|
|
<title>Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit</title>
|
|
<references>
|
|
<osvdb>17636</osvdb>
|
|
<osvdb>17637</osvdb>
|
|
<osvdb>17638</osvdb>
|
|
<osvdb>17639</osvdb>
|
|
<osvdb>17640</osvdb>
|
|
<osvdb>17641</osvdb>
|
|
<cve>2005-2108</cve>
|
|
<exploitdb>1077</exploitdb>
|
|
<secunia>15831</secunia>
|
|
<secunia>15898</secunia>
|
|
</references>
|
|
<type>SQLI</type>
|
|
<fixed_in>1.5.1.3</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1.1">
|
|
<vulnerability>
|
|
<title>WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit</title>
|
|
<references>
|
|
<secunia>1059</secunia>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress <= 1.5.1.1 SQL Injection Exploit</title>
|
|
<references>
|
|
<exploitdb>1033</exploitdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5.1">
|
|
<vulnerability>
|
|
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
|
|
<references>
|
|
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress XMLRPC pingback additional issues</title>
|
|
<references>
|
|
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
<wordpress version="1.5">
|
|
<vulnerability>
|
|
<title>WordPress wp-trackback.php tb_id Parameter SQL Injection</title>
|
|
<references>
|
|
<cve>2005-1687</cve>
|
|
<osvdb>16701</osvdb>
|
|
<osvdb>16702</osvdb>
|
|
<osvdb>16703</osvdb>
|
|
</references>
|
|
<type>SQLI</type>
|
|
<fixed_in>1.5.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress post.php p Parameter XSS</title>
|
|
<references>
|
|
<osvdb>16702</osvdb>
|
|
<osvdb>16701</osvdb>
|
|
<osvdb>16703</osvdb>
|
|
</references>
|
|
<type>XSS</type>
|
|
<fixed_in>1.5.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress Multiple Script Direct Request Path Disclosure</title>
|
|
<references>
|
|
<cve>2005-1688</cve>
|
|
<osvdb>16703</osvdb>
|
|
<osvdb>16701</osvdb>
|
|
<osvdb>16702</osvdb>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
<fixed_in>1.5.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress Cross-Site Scripting and SQL Injection Vulnerabilities</title>
|
|
<references>
|
|
<osvdb>16478</osvdb>
|
|
<secunia>15324</secunia>
|
|
</references>
|
|
<type>MULTI</type>
|
|
<fixed_in>1.5.1</fixed_in>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>WordPress template-functions-post.php Multiple Field XSS</title>
|
|
<references>
|
|
<cve>2005-1102</cve>
|
|
<osvdb>15643</osvdb>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</wordpress>
|
|
|
|
</vulnerabilities>
|