厂商或团体 wordpress 的搜索结果 (302)

CVE-2016-5836(发布:2016-06-29 10:10:07)NMS
CVSS5.0

[原文]The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2016-5835(发布:2016-06-29 10:10:06)NMPS
CVSS5.0

[原文]WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php.

CVE-2016-5834(发布:2016-06-29 10:10:05)NMPS
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833.

CVE-2016-5833(发布:2016-06-29 10:10:04)NM
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834.

CVE-2016-5832(发布:2016-06-29 10:10:03)NMPS
CVSS5.0

[原文]The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.

CVE-2016-4567(发布:2016-05-21 21:59:31)NM
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."

首页上一页56789101112下一页尾页 第7页 / 共51页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站