厂商或团体 wordpress 的搜索结果 (300)

CVE-2016-2221(发布:2016-05-21 21:59:14)NMS
CVSS5.8

[原文]Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL.

CVE-2016-1564(发布:2016-05-21 21:59:13)NMS
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php.

CVE-2015-8834(发布:2016-05-21 21:59:04)NMP
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3440.

CVE-2015-7989(发布:2016-05-21 21:59:03)NMP
CVSS3.5

[原文]Cross-site scripting (XSS) vulnerability in the user list table in WordPress before 4.3.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted e-mail address, a different vulnerability than CVE-2015-5714.

CVE-2015-5715(发布:2016-05-21 21:59:02)NMPS
CVSS4.0

[原文]The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors.

CVE-2015-5714(发布:2016-05-21 21:59:01)NMPS
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.

首页上一页678910111213下一页尾页 第8页 / 共50页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站