1 line
143 KiB
JSON
1 line
143 KiB
JSON
[{"3.8.1":{"vulnerabilities":[{"id":5963,"title":"Administrator-exploitable blind SQLi in WordPress 1.0 - 3.8.1","url":"https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"},{"id":5964,"title":"Potential Authentication Cookie Forgery","url":"https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/,https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be","osvdb":"105620","cve":"2014-0166","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.8.2"},{"id":5965,"title":"Privilege escalation: contributors publishing posts","url":"https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165","osvdb":"105630","cve":"2014-0165","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.8.2"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.8.2"}]}},{"3.8":{"vulnerabilities":[{"id":5967,"title":"wp-admin/options-writing.php Cleartext Admin Credentials Disclosure","url":"http://seclists.org/fulldisclosure/2013/Dec/135","osvdb":"101101","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"}]}},{"3.7.1":{"vulnerabilities":[{"id":5964,"title":"Potential Authentication Cookie Forgery","url":"https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/,https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be","osvdb":"105620","cve":"2014-0166","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.7.2"},{"id":5965,"title":"Privilege escalation: contributors publishing posts","url":"https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165","osvdb":"105630","cve":"2014-0165","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.7.2"},{"id":5967,"title":"wp-admin/options-writing.php Cleartext Admin Credentials Disclosure","url":"http://seclists.org/fulldisclosure/2013/Dec/135","osvdb":"101101","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.7.2"}]}},{"3.6":{"vulnerabilities":[{"id":5968,"title":"PHP Object Injection","url":"http://vagosec.org/2013/09/wordpress-php-object-injection/,http://www.openwall.com/lists/oss-security/2013/09/12/1,http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340,http://core.trac.wordpress.org/changeset/25325","osvdb":"97211","cve":"2013-4338","secunia":"54803","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5969,"title":"wp-includes/functions.php get_allowed_mime_types Function SWF / EXE File Upload XSS Weakness","url":"http://core.trac.wordpress.org/changeset/25322","osvdb":"97210","cve":"2013-5739","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5971,"title":"wp-admin/includes/post.php user_ID Parameter Manipulation Post Authorship Spoofing","url":"http://core.trac.wordpress.org/changeset/25321","osvdb":"97213","cve":"2013-4340","secunia":"54803","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5972,"title":"wp-includes/functions.php get_allowed_mime_types Function HTML File Upload XSS Weakness","url":"http://core.trac.wordpress.org/changeset/25322","osvdb":"97214","cve":"2013-5738","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5973,"title":"Multiple Function Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Nov/220","osvdb":"100487","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z"},{"id":5974,"title":"Multiple Script Arbitrary Site Redirect","url":"http://seclists.org/fulldisclosure/2013/Dec/174","osvdb":"101181","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5975,"title":"wp-admin/edit-tags.php _wp_http_referer Parameter Reflected XSS","url":"http://seclists.org/fulldisclosure/2013/Dec/174","osvdb":"101182","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.6.1"}]}},{"3.5.2":{"vulnerabilities":[{"id":5976,"title":"Media Library Multiple Function Path Disclosure","url":"http://websecurity.com.ua/6795/","osvdb":"100484","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5977,"title":"SWFUpload Content Spoofing","url":"http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html,https://github.com/wpscanteam/wpscan/issues/243","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.5.1":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5979,"title":"WordPress 3.4-3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5980,"title":"WordPress Multiple XSS","osvdb":"94791,94785,94786,94790","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5981,"title":"WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness","osvdb":"94787","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5982,"title":"WordPress File Upload Unspecified Path Disclosure","osvdb":"94788","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5983,"title":"WordPress 3.5-3.5.1 oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure","osvdb":"94789","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5984,"title":"WordPress 3.5-3.5.1 Multiple Role Remote Privilege Escalation","osvdb":"94783","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5985,"title":"WordPress 3.5-3.5.1 HTTP API Unspecified Server Side Request Forgery (SSRF)","osvdb":"94784","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.5":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5990,"title":"Shortcodes / Post Content Multiple Unspecified XSS","url":"http://www.securityfocus.com/bid/57554,http://securitytracker.com/id?1028045","osvdb":"89576","cve":"2013-0236","secunia":"51967","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4.2":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5991,"title":"WordPress 3.4.2 Cross Site Request Forgery","url":"http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4.1":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4":{"vulnerabilities":[{"id":5978,"title":"Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure","url":"http://seclists.org/fulldisclosure/2013/Jul/70","osvdb":"95060","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5986,"title":"WordPress 3.4 - 3.5.1 DoS in class-phpass.php","url":"http://seclists.org/fulldisclosure/2013/Jun/65","osvdb":"94235","cve":"2013-2173","secunia":"53676","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z","fixed_in":"3.5.2"},{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.4-beta4":{"vulnerabilities":[{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5992,"title":"Wordpress 3.3.1 Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.3.3":{"vulnerabilities":[{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.3.2":{"vulnerabilities":[{"id":5987,"title":"WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)","url":"https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5992,"title":"Wordpress 3.3.1 Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5993,"title":"WordPress 3.3.2 Cross Site Scripting","url":"http://packetstormsecurity.org/files/113254","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"},{"id":5966,"title":"Plupload Unspecified XSS","osvdb":"105622","secunia":"57769","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.5.1"}]}},{"3.3.1":{"vulnerabilities":[{"id":5997,"title":"Multiple vulnerabilities including XSS and Privilege Escalation","url":"http://wordpress.org/news/2012/04/wordpress-3-3-2/","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5998,"title":"Wordpress 3.3.1 - Multiple CSRF Vulnerabilities","exploitdb":"18791","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.3":{"vulnerabilities":[{"id":6000,"title":"Reflected Cross-Site Scripting in WordPress 3.3","url":"http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.2.1":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.2":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.3":{"vulnerabilities":[{"id":6001,"title":"wp-admin/link-manager.php Multiple Parameter SQL Injection","osvdb":"73723","secunia":"45099","exploitdb":"17465","created_at":"2014-08-01T10:58:22.000Z","updated_at":"2014-08-01T10:58:22.000Z","fixed_in":"3.1.4"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.2":{"vulnerabilities":[{"id":6002,"title":"Wordpress \u003c= 3.1.2 Clickjacking Vulnerability","url":"http://seclists.org/fulldisclosure/2011/Sep/219,http://www.securityfocus.com/bid/49730","created_at":"2014-08-01T10:58:22.000Z","updated_at":"2014-08-01T10:58:22.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1.1":{"vulnerabilities":[{"id":6003,"title":"WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS","osvdb":"72142","created_at":"2014-08-01T10:58:22.000Z","updated_at":"2014-08-01T10:58:22.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.1":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.6":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.5":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.3":{"vulnerabilities":[{"id":6005,"title":"SQL injection vulnerability in do_trackbacks() Wordpress function","exploitdb":"15684","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z"},{"id":6006,"title":"Wordpress 3.0.3 stored XSS IE7,6 NS8.1","exploitdb":"15858","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.2":{"vulnerabilities":[{"id":6007,"title":"WordPress XML-RPC Interface Access Restriction Bypass","osvdb":"69761","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0.1":{"vulnerabilities":[{"id":6008,"title":"WordPress: Information Disclosure via SQL Injection Attack","url":"http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"3.0":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6004,"title":"wp-admin/press-this.php - Privilege Escalation","cve":"2011-5270","created_at":"2014-08-01T10:58:23.000Z","updated_at":"2014-08-01T10:58:23.000Z","fixed_in":"3.0.6"},{"id":5994,"title":"Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php","cve":"2012-6633","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5995,"title":"wp-admin/media-upload.php sensitive information disclosure or bypass","cve":"2012-6634","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":5996,"title":"wp-admin/includes/class-wp-posts-list-table.php sensitive information disclosure by visiting a draft","cve":"2012-6635","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z","fixed_in":"3.3.3"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.1"},{"id":5970,"title":"Crafted String URL Redirect Restriction Bypass","url":"http://packetstormsecurity.com/files/123589/,http://core.trac.wordpress.org/changeset/25323,http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/91609","osvdb":"97212","cve":"2013-4339","secunia":"54803","exploitdb":"28958","created_at":"2014-08-01T10:58:19.000Z","updated_at":"2014-08-01T10:58:19.000Z","fixed_in":"3.6.1"}]}},{"2.9.2":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.9.1":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.9":{"vulnerabilities":[{"id":6014,"title":"WordPress 2.9 Failure to Restrict URL Access","exploitdb":"11441","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":6015,"title":"Wordpress DOS \u003c= 2.9","exploitdb":"11441","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.6":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.5":{"vulnerabilities":[{"id":6016,"title":"WordPress \u003c= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution","exploitdb":"10089","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.3":{"vulnerabilities":[{"id":6017,"title":"Wordpress \u003c= 2.8.3 Remote Admin Reset Password Vulnerability","exploitdb":"9410","created_at":"2014-08-01T10:58:25.000Z","updated_at":"2014-08-01T10:58:25.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.2":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8.1":{"vulnerabilities":[{"id":6018,"title":"Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit","exploitdb":"9250","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.8":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.7.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.7":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.5":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.4":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.3":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6020,"title":"Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit","exploitdb":"6421","created_at":"2014-08-01T10:58:27.000Z","updated_at":"2014-08-01T10:58:27.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.6":{"vulnerabilities":[{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.5.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.5":{"vulnerabilities":[{"id":6021,"title":"Wordpress 2.5 Cookie Integrity Protection Vulnerability","url":"http://www.securityfocus.com/archive/1/archive/1/491356/100/0/threaded","cve":"2008-1930","created_at":"2014-08-01T10:58:28.000Z","updated_at":"2014-08-01T10:58:28.000Z"},{"id":5999,"title":"XSS vulnerability in swfupload in WordPress","url":"http://seclists.org/fulldisclosure/2012/Nov/51","created_at":"2014-08-01T10:58:21.000Z","updated_at":"2014-08-01T10:58:21.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6022,"title":"Wordpress \u003c= 2.3.1 Charset Remote SQL Injection Vulnerability","exploitdb":"4721","created_at":"2014-08-01T10:58:29.000Z","updated_at":"2014-08-01T10:58:29.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.3":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6023,"title":"WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit","exploitdb":"4113","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":6024,"title":"Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit","exploitdb":"4039","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6025,"title":"Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit","exploitdb":"3960","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6026,"title":"WordPress \"year\" Cross-Site Scripting Vulnerability","url":"http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded","secunia":"24485","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":6027,"title":"Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit","exploitdb":"3656","created_at":"2014-08-01T10:58:30.000Z","updated_at":"2014-08-01T10:58:30.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1.1":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6028,"title":"WordPress Command Execution and PHP Injection","url":"http://www.securityfocus.com/bid/22797,http://xforce.iss.net/xforce/xfdb/32807","cve":"2007-1277","secunia":"24374","created_at":"2014-08-01T10:58:31.000Z","updated_at":"2014-08-01T10:58:31.000Z","fixed_in":"2.1.2"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.1":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.11":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.10":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.9":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.8":{"vulnerabilities":[{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.7":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.6":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6029,"title":"Wordpress \u003c= 2.0.6 wp-trackback.php Remote SQL Injection Exploit","exploitdb":"3109","created_at":"2014-08-01T10:58:32.000Z","updated_at":"2014-08-01T10:58:32.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.5":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6030,"title":"Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit","exploitdb":"3095","created_at":"2014-08-01T10:58:32.000Z","updated_at":"2014-08-01T10:58:32.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.4":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6031,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.3":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6031,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.2":{"vulnerabilities":[{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":6032,"title":"WordPress \u003c= 2.0.2 (cache) Remote Shell Injection Exploit","exploitdb":"6","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6031,"title":"WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability","url":"http://www.securityfocus.com/bid/18779","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0.1":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"2.0":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6019,"title":"WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability","url":"http://www.securityfocus.com/bid/35584/","created_at":"2014-08-01T10:58:26.000Z","updated_at":"2014-08-01T10:58:26.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":6009,"title":"wp-includes/comment.php bypass intended spam restrictions via a crafted URL","osvdb":"104693","cve":"2010-5293","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6010,"title":"Multiple cross-site scripting (XSS) in the request_filesystem_credentials function in wp-admin/includes/file.php","cve":"2010-5294","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6011,"title":"Cross-site scripting (XSS) in wp-admin/plugins.php","cve":"2010-5295","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6012,"title":"wp-includes/capabilities.php Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","cve":"2010-5296","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0.2"},{"id":6013,"title":"Remote Authenticated Administrator Bypass Intended Access Restrictions via a Delete Action","osvdb":"104691","cve":"2010-5297","created_at":"2014-08-01T10:58:24.000Z","updated_at":"2014-08-01T10:58:24.000Z","fixed_in":"3.0"}]}},{"1.5.2":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1.3":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6034,"title":"Wordpress \u003c= 1.5.1.3 Remote Code Execution eXploit (metasploit)","exploitdb":"1145","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1.2":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6035,"title":"Wordpress \u003c= 1.5.1.2 xmlrpc Interface SQL Injection Exploit","osvdb":"17636,17637,17638,17639,17640,17641","cve":"2005-2108","secunia":"15831,15898","exploitdb":"1077","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1.3"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1.1":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":6036,"title":"WordPress \u003c= 1.5.1.1 \"add new admin\" SQL Injection Exploit","exploitdb":"1059","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z"},{"id":6037,"title":"WordPress \u003c= 1.5.1.1 SQL Injection Exploit","exploitdb":"1033","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5.1":{"vulnerabilities":[{"id":6033,"title":"Wordpress wp-register.php Multiple Parameter XSS","osvdb":"38577","created_at":"2014-08-01T10:58:33.000Z","updated_at":"2014-08-01T10:58:33.000Z","fixed_in":"2.0.2"},{"id":5988,"title":"XMLRPC Pingback API Internal/External Port Scanning","url":"https://github.com/FireFart/WordpressPingbackPortScanner","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"},{"id":5989,"title":"WordPress XMLRPC pingback additional issues","url":"http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html","created_at":"2014-08-01T10:58:20.000Z","updated_at":"2014-08-01T10:58:20.000Z"}]}},{"1.5":{"vulnerabilities":[{"id":6038,"title":"WordPress wp-trackback.php tb_id Parameter SQL Injection","osvdb":"16701,16702,16703","cve":"2005-1687","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6039,"title":"WordPress post.php p Parameter XSS","osvdb":"16702,16701,16703","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6040,"title":"WordPress Multiple Script Direct Request Path Disclosure","osvdb":"16703,16701,16702","cve":"2005-1688","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6041,"title":"WordPress Cross-Site Scripting and SQL Injection Vulnerabilities","osvdb":"16478","secunia":"15324","created_at":"2014-08-01T10:58:34.000Z","updated_at":"2014-08-01T10:58:34.000Z","fixed_in":"1.5.1"},{"id":6042,"title":"WordPress template-functions-post.php Multiple Field XSS","osvdb":"15643","cve":"2005-1102","created_at":"2014-08-01T10:58:35.000Z","updated_at":"2014-08-01T10:58:35.000Z"}]}}] |