Arch LinuxASA-201509-7

HistorySep 21, 2015 - 12:00 a.m.

Vulners
/
Archlinux
/
wordpress: multiple issues

wordpress: multiple issues

2015-09-2100:00:00

Arch Linux

lists.archlinux.org

0.126 Low

EPSS

Percentile

95.5%

JSON

CVE-2015-5714 (cross-side scripting)

A cross-site scripting vulnerability has been discovered when processing
shortcode tags.

CVE-2015-5715 (permission bypass)

It has been discovered that users without proper permissions could
publish private posts and make them sticky.

OSVersionArchitecturePackageVersionFilename
anyanyanywordpress< 4.3.1-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
any	any	any	wordpress	< 4.3.1-1	UNKNOWN

References

access.redhat.com/security/cve/CVE-2015-5714

access.redhat.com/security/cve/CVE-2015-5715

bugs.archlinux.org/task/46340

wordpress.org/news/2015/09/wordpress-4-3-1/

fedora 3

securityvulns 2

nessus 10

openvas 8

mageia 1

debian 4

osv 3

archlinux 2

freebsd 1

wpvulndb 2

nvd 3

prion 3

wpexploit 1

debiancve 3

seebug 1

cvelist 3

veracode 1

ubuntucve 3

cve 3

checkpoint_advisories 1

patchstack 1

fedora

[SECURITY] Fedora 22 Update: wordpress-4.3.1-1.fc22

2015-09-25 10:57:35

[SECURITY] Fedora 21 Update: wordpress-4.3.1-1.fc21

2015-09-25 12:21:08

[SECURITY] Fedora 23 Update: wordpress-4.3.1-1.fc23

2015-09-25 08:54:37

securityvulns

[SECURITY] [DSA 3375-1] wordpress security update

2015-10-26 00:00:00

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

2015-10-26 00:00:00

nessus

Fedora 23 : wordpress-4.3.1-1.fc23 (2015-15983)

2015-09-28 00:00:00

Fedora 22 : wordpress-4.3.1-1.fc22 (2015-15981)

2015-09-28 00:00:00

Debian DLA-321-1 : wordpress security update

2015-10-01 00:00:00

openvas

Debian Security Advisory DSA 3375-1 (wordpress - security update)

2015-10-19 00:00:00

Fedora Update for wordpress FEDORA-2015-15981

2015-09-26 00:00:00

Fedora Update for wordpress FEDORA-2015-15982

2015-09-26 00:00:00

mageia

Updated wordpress package fixes security vulnerabilities

2015-09-17 21:02:40

debian

[SECURITY] [DLA 321-1] wordpress security update

2015-09-30 12:53:06

[SECURITY] [DSA 3375-1] wordpress security update

2015-10-19 20:18:06

[SECURITY] [DSA 3383-1] wordpress security update

2015-10-29 20:02:31

osv

wordpress - security update

2015-09-30 00:00:00

wordpress - security update

2015-10-19 00:00:00

wordpress - security update

2015-10-29 00:00:00

archlinux

wordpress: multiple issues

2015-10-30 00:00:00

lldpd: denial of service

2015-10-30 00:00:00

freebsd

wordpress -- multiple vulnerabilities

2015-09-15 00:00:00

wpvulndb

WordPress <= 4.3 - Authenticated Shortcode Tags Cross-Site Scripting (XSS)

2015-09-15 00:00:00

WordPress <= 4.3 - Publish Post & Mark as Sticky Permission Issue

2015-09-15 00:00:00

nvd

CVE-2015-5714

2016-05-22 01:59:01

CVE-2015-7989

2016-05-22 01:59:03

CVE-2015-5715

2016-05-22 01:59:02

prion

Cross site scripting

2016-05-22 01:59:00

Design/Logic Flaw

2016-05-22 01:59:00

Cross site scripting

2016-05-22 01:59:00

wpexploit

WordPress <= 4.3 - Authenticated Shortcode Tags Cross-Site Scripting (XSS)

2015-09-15 00:00:00

debiancve

CVE-2015-5714

2016-05-22 01:59:01

CVE-2015-5715

2016-05-22 01:59:02

CVE-2015-7989

2016-05-22 01:59:03

seebug

WordPress <= 4.3.0 跨站脚本漏洞

2015-09-19 00:00:00

cvelist

CVE-2015-5714

2016-05-22 01:00:00

CVE-2015-5715

2016-05-22 01:00:00

CVE-2015-7989

2016-05-22 01:00:00

veracode

Cross-Site Scripting (XSS)

2017-07-28 03:02:00

ubuntucve

CVE-2015-5714

2016-05-22 00:00:00

CVE-2015-5715

2016-05-22 00:00:00

CVE-2015-7989

2016-05-22 00:00:00

cve

CVE-2015-5714

2016-05-22 01:59:01

CVE-2015-7989

2016-05-22 01:59:03

CVE-2015-5715

2016-05-22 01:59:02

checkpoint_advisories

WordPress Core Persistent Cross-Site Scripting (CVE-2015-5714)

2015-08-13 00:00:00

patchstack

WordPress <= 4.3.0 - BYPASS

2015-08-02 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.126 Low

EPSS

Percentile

95.5%

JSON

Related for ASA-201509-7