garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
59cac169e777805010146dc28c4ae6c5febaa0d7
wpscan/data/wp_vulns.xml
Peter 8c1ee9cf21 Update wp_vulns.xml
2014-01-04 15:32:45 +01:00

2329 lines
76 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="vuln.xsd">
<wordpress version="3.8">
<vulnerability>
<title>wp-admin/options-writing.php Cleartext Admin Credentials Disclosure</title>
<references>
<osvdb>101101</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Dec/135</url>
</references>
<type>AUTHBYPASS</type>
</vulnerability>
</wordpress>
<wordpress version="3.7.1">
<vulnerability>
<title>wp-admin/options-writing.php Cleartext Admin Credentials Disclosure</title>
<references>
<osvdb>101101</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Dec/135</url>
</references>
<type>AUTHBYPASS</type>
</vulnerability>
</wordpress>
<wordpress version="3.6">
<vulnerability>
<title>PHP Object Injection</title>
<references>
<url>http://vagosec.org/2013/09/wordpress-php-object-injection/</url>
<url>http://www.openwall.com/lists/oss-security/2013/09/12/1</url>
<url>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340</url>
<url>http://core.trac.wordpress.org/changeset/25325</url>
<secunia>54803</secunia>
<cve>2013-4338</cve>
<osvdb>97211</osvdb>
</references>
<type>UNKNOWN</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
<vulnerability>
<title>wp-includes/functions.php get_allowed_mime_types Function SWF / EXE File Upload XSS Weakness</title>
<references>
<osvdb>97210</osvdb>
<cve>2013-5739</cve>
<url>http://core.trac.wordpress.org/changeset/25322</url>
</references>
<type>XSS</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
<vulnerability>
<title>Crafted String URL Redirect Restriction Bypass</title>
<references>
<osvdb>97212</osvdb>
<cve>2013-4339</cve>
<secunia>54803</secunia>
<exploitdb>28958</exploitdb>
<url>http://packetstormsecurity.com/files/123589/</url>
<url>http://core.trac.wordpress.org/changeset/25323</url>
</references>
<type>UNKNOWN</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
<vulnerability>
<title>wp-admin/includes/post.php user_ID Parameter Manipulation Post Authorship Spoofing</title>
<references>
<osvdb>97213</osvdb>
<cve>2013-4340</cve>
<secunia>54803</secunia>
<url>http://core.trac.wordpress.org/changeset/25321</url>
</references>
<type>UNKNOWN</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
<vulnerability>
<title>wp-includes/functions.php get_allowed_mime_types Function HTML File Upload XSS Weakness</title>
<references>
<osvdb>97214</osvdb>
<cve>2013-5738</cve>
<url>http://core.trac.wordpress.org/changeset/25322</url>
</references>
<type>XSS</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
<vulnerability>
<title>Multiple Function Path Disclosure</title>
<references>
<osvdb>100487</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Nov/220</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Multiple Script Arbitrary Site Redirect</title>
<references>
<osvdb>101181</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Dec/174</url>
</references>
<type>REDIRECT</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
<vulnerability>
<title>wp-admin/edit-tags.php _wp_http_referer Parameter Reflected XSS</title>
<references>
<osvdb>101182</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Dec/174</url>
</references>
<type>XSS</type>
<fixed_in>3.6.1</fixed_in>
</vulnerability>
</wordpress>
<wordpress version="3.5.2">
<vulnerability>
<title>Media Library Multiple Function Path Disclosure</title>
<references>
<osvdb>100484</osvdb>
<url>http://websecurity.com.ua/6795/</url>
</references>
<type>FPD</type>
</vulnerability>
<vulnerability>
<title>SWFUpload Content Spoofing</title>
<references>
<url>http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html</url>
<url>https://github.com/wpscanteam/wpscan/issues/243</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.5.1">
<vulnerability>
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
<references>
<osvdb>95060</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
</references>
<type>FPD</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.4-3.5.1 DoS in class-phpass.php</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
<secunia>53676</secunia>
<osvdb>94235</osvdb>
<cve>2013-2173</cve>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress Multiple XSS</title>
<references>
<osvdb>94791</osvdb>
<osvdb>94785</osvdb>
<osvdb>94786</osvdb>
<osvdb>94790</osvdb>
</references>
<type>XSS</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress TinyMCE Plugin Flash Applet Unspecified Spoofing Weakness</title>
<references>
<osvdb>94787</osvdb>
</references>
<type>UNKNOWN</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress File Upload Unspecified Path Disclosure</title>
<references>
<osvdb>94788</osvdb>
</references>
<type>UNKNOWN</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.5-3.5.1 oEmbed Unspecified XML External Entity (XXE) Arbitrary File Disclosure</title>
<references>
<osvdb>94789</osvdb>
</references>
<type>XXE</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.5-3.5.1 Multiple Role Remote Privilege Escalation</title>
<references>
<osvdb>94783</osvdb>
</references>
<type>UNKNOWN</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.5-3.5.1 HTTP API Unspecified Server Side Request Forgery (SSRF)</title>
<references>
<osvdb>94784</osvdb>
</references>
<type>SSRF</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
</wordpress>
<wordpress version="3.5">
<vulnerability>
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
<references>
<osvdb>95060</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
</references>
<type>FPD</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
<secunia>53676</secunia>
<osvdb>94235</osvdb>
<cve>2013-2173</cve>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.4.2">
<vulnerability>
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
<references>
<osvdb>95060</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
</references>
<type>FPD</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
<secunia>53676</secunia>
<osvdb>94235</osvdb>
<cve>2013-2173</cve>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>WordPress 3.4.2 Cross Site Request Forgery</title>
<references>
<url>http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html</url>
</references>
<type>CSRF</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.4.1">
<vulnerability>
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
<references>
<osvdb>95060</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
</references>
<type>FPD</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
<secunia>53676</secunia>
<osvdb>94235</osvdb>
<cve>2013-2173</cve>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.4">
<vulnerability>
<title>Wordpress 3.4 - 3.5.1 /wp-admin/users.php Malformed s Parameter Path Disclosure</title>
<references>
<osvdb>95060</osvdb>
<url>http://seclists.org/fulldisclosure/2013/Jul/70</url>
</references>
<type>FPD</type>
<fixed_in>3.5.2</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress 3.4 - 3.5.1 DoS in class-phpass.php</title>
<references>
<url>http://seclists.org/fulldisclosure/2013/Jun/65</url>
<secunia>53676</secunia>
<osvdb>94235</osvdb>
<cve>2013-2173</cve>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.4-beta4">
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
<references>
<exploitdb>18791</exploitdb>
</references>
<type>CSRF</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.3.3">
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.3.2">
<vulnerability>
<title>WordPress 3.3.2 - 3.5 Cross-Site Scripting (XSS) (Issue 3)</title>
<references>
<url>https://github.com/wpscanteam/wpscan/wiki/WordPress-3.5-Issues</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
<references>
<exploitdb>18791</exploitdb>
</references>
<type>CSRF</type>
</vulnerability>
<vulnerability>
<title>WordPress 3.3.2 Cross Site Scripting</title>
<references>
<url>http://packetstormsecurity.org/files/113254</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.3.1">
<vulnerability>
<title>Multiple vulnerabilities including XSS and Privilege Escalation</title>
<references>
<url>http://wordpress.org/news/2012/04/wordpress-3-3-2/</url>
</references>
<type>MULTI</type>
</vulnerability>
<vulnerability>
<title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
<references>
<exploitdb>18791</exploitdb>
</references>
<type>CSRF</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.3">
<vulnerability>
<title>Reflected Cross-Site Scripting in WordPress 3.3</title>
<references>
<url>http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.2.1">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.2">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.1.4">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.1.3">
<vulnerability>
<title>wp-admin/link-manager.php Multiple Parameter SQL Injection</title>
<references>
<osvdb>73723</osvdb>
<exploitdb>17465</exploitdb>
<secunia>45099</secunia>
</references>
<type>SQLI</type>
<fixed_in>3.1.4</fixed_in>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.1.2">
<vulnerability>
<title>Wordpress &lt;= 3.1.2 Clickjacking Vulnerability</title>
<references>
<url>http://seclists.org/fulldisclosure/2011/Sep/219</url>
<url>http://www.securityfocus.com/bid/49730</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.1.1">
<vulnerability>
<title>WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS</title>
<references>
<osvdb>72142</osvdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.1">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0.6">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0.5">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0.4">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0.3">
<vulnerability>
<title>SQL injection vulnerability in do_trackbacks() Wordpress function</title>
<references>
<exploitdb>15684</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>Wordpress 3.0.3 stored XSS IE7,6 NS8.1</title>
<references>
<exploitdb>15858</exploitdb>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0.2">
<vulnerability>
<title>WordPress XML-RPC Interface Access Restriction Bypass</title>
<references>
<osvdb>69761</osvdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0.1">
<vulnerability>
<title>WordPress: Information Disclosure via SQL Injection Attack</title>
<references>
<url>http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/</url>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="3.0">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.9.2">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.9.1">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.9">
<vulnerability>
<title>WordPress 2.9 Failure to Restrict URL Access</title>
<references>
<exploitdb>11441</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress DOS &lt;= 2.9</title>
<references>
<exploitdb>11441</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8.6">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8.5">
<vulnerability>
<title>WordPress &lt;= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution</title>
<references>
<exploitdb>10089</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8.4">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8.3">
<vulnerability>
<title>Wordpress &lt;= 2.8.3 Remote Admin Reset Password Vulnerability</title>
<references>
<exploitdb>9410</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8.2">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8.1">
<vulnerability>
<title>Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit</title>
<references>
<exploitdb>9250</exploitdb>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.8">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.7.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.7">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.6.5">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.6.4">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.6.3">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.6.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.6.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit</title>
<references>
<exploitdb>6421</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.6">
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.5.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.5">
<vulnerability>
<title>Wordpress 2.5 Cookie Integrity Protection Vulnerability</title>
<references>
<url>http://www.securityfocus.com/archive/1/archive/1/491356/100/0/threaded</url>
<cve>2008-1930</cve>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XSS vulnerability in swfupload in WordPress</title>
<references>
<url>http://seclists.org/fulldisclosure/2012/Nov/51</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.3.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.3.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.3.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress &lt;= 2.3.1 Charset Remote SQL Injection Vulnerability</title>
<references>
<exploitdb>4721</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.3">
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.2.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.2.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.2.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit</title>
<references>
<exploitdb>4113</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit</title>
<references>
<exploitdb>4039</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.1.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit</title>
<references>
<exploitdb>3960</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.1.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress "year" Cross-Site Scripting Vulnerability</title>
<references>
<secunia>24485</secunia>
<url>http://www.securityfocus.com/archive/1/archive/1/462374/100/0/threaded</url>
</references>
<type>XSS</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit</title>
<references>
<exploitdb>3656</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.1.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress Command Execution and PHP Injection</title>
<references>
<cve>2007-1277</cve>
<secunia>24374</secunia>
<url>http://www.securityfocus.com/bid/22797</url>
<url>http://xforce.iss.net/xforce/xfdb/32807</url>
</references>
<type>RCE</type>
<fixed_in>2.1.2</fixed_in>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.1">
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.11">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.10">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.9">
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.8">
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.7">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.6">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress &lt;= 2.0.6 wp-trackback.php Remote SQL Injection Exploit</title>
<references>
<exploitdb>3109</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.5">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit</title>
<references>
<exploitdb>3095</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.4">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/18779</url>
</references>
<type>SQLI</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.3">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/18779</url>
</references>
<type>SQLI</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.2">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress &lt;= 2.0.2 (cache) Remote Shell Injection Exploit</title>
<references>
<exploitdb>6</exploitdb>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress 2.0.2 - 2.0.4 Paged Parameter SQL Injection Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/18779</url>
</references>
<type>SQLI</type>
</vulnerability>
</wordpress>
<wordpress version="2.0.1">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="2.0">
<vulnerability>
<title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
<references>
<url>http://www.securityfocus.com/bid/35584/</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="1.5.2">
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="1.5.1.3">
<vulnerability>
<title>Wordpress &lt;= 1.5.1.3 Remote Code Execution eXploit (metasploit)</title>
<references>
<exploitdb>1145</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="1.5.1.2">
<vulnerability>
<title>Wordpress &lt;= 1.5.1.2 xmlrpc Interface SQL Injection Exploit</title>
<references>
<osvdb>17636</osvdb>
<osvdb>17637</osvdb>
<osvdb>17638</osvdb>
<osvdb>17639</osvdb>
<osvdb>17640</osvdb>
<osvdb>17641</osvdb>
<cve>2005-2108</cve>
<exploitdb>1077</exploitdb>
<secunia>15831</secunia>
<secunia>15898</secunia>
</references>
<type>SQLI</type>
<fixed_in>1.5.1.3</fixed_in>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="1.5.1.1">
<vulnerability>
<title>WordPress &lt;= 1.5.1.1 &quot;add new admin&quot; SQL Injection Exploit</title>
<references>
<secunia>1059</secunia>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>WordPress &lt;= 1.5.1.1 SQL Injection Exploit</title>
<references>
<exploitdb>1033</exploitdb>
</references>
<type>SQLI</type>
</vulnerability>
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="1.5.1">
<vulnerability>
<title>XMLRPC Pingback API Internal/External Port Scanning</title>
<references>
<url>https://github.com/FireFart/WordpressPingbackPortScanner</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
<vulnerability>
<title>WordPress XMLRPC pingback additional issues</title>
<references>
<url>http://lab.onsec.ru/2013/01/wordpress-xmlrpc-pingback-additional.html</url>
</references>
<type>UNKNOWN</type>
</vulnerability>
</wordpress>
<wordpress version="1.5">
<vulnerability>
<title>WordPress wp-trackback.php tb_id Parameter SQL Injection</title>
<references>
<cve>2005-1687</cve>
<osvdb>16701</osvdb>
<osvdb>16702</osvdb>
<osvdb>16703</osvdb>
</references>
<type>SQLI</type>
<fixed_in>1.5.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress post.php p Parameter XSS</title>
<references>
<osvdb>16702</osvdb>
<osvdb>16701</osvdb>
<osvdb>16703</osvdb>
</references>
<type>XSS</type>
<fixed_in>1.5.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress Multiple Script Direct Request Path Disclosure</title>
<references>
<cve>2005-1688</cve>
<osvdb>16703</osvdb>
<osvdb>16701</osvdb>
<osvdb>16702</osvdb>
</references>
<type>UNKNOWN</type>
<fixed_in>1.5.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress Cross-Site Scripting and SQL Injection Vulnerabilities</title>
<references>
<osvdb>16478</osvdb>
<secunia>15324</secunia>
</references>
<type>MULTI</type>
<fixed_in>1.5.1</fixed_in>
</vulnerability>
<vulnerability>
<title>WordPress template-functions-post.php Multiple Field XSS</title>
<references>
<cve>2005-1102</cve>
<osvdb>15643</osvdb>
</references>
<type>XSS</type>
</vulnerability>
</wordpress>
</vulnerabilities>
Reference in New Issue View Git Blame Copy Permalink