martes, 28 de junio de 2016

1001 WORDPRESS exploits el Paraiso... 28-06-16





Amigos les dejo una página web donde van poniendo todas las vulnerabiliddes que van apareciendo en WORDPRESs.




WordPress Vulnerabilities

Version Added Title
4.5.2 2016-06-21 WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
4.5.2 2016-06-21 WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
4.5.2 2016-06-21 WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
4.5.2 2016-06-22 WordPress 4.5.2 - Redirect Bypass
4.5.2 2016-06-22 WordPress 4.5.2 - oEmbed Denial of Service (DoS)
4.5.2 2016-06-22 WordPress 4.5.2 - Password Change via Stolen Cookie
4.5.1 2016-05-06 WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
4.5.1 2016-05-06 WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
4.5.1 2016-06-21 WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
4.5.1 2016-06-21 WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
4.5.1 2016-06-21 WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
4.5 2016-05-06 WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
4.5 2016-05-06 WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
4.5 2016-06-21 WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
4.5 2016-06-21 WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
4.5 2016-06-21 WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
4.4.3 2016-06-21 WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
4.4.3 2016-06-21 WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
4.4.3 2016-06-21 WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
4.4.2 2016-04-28 WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
4.4.2 2016-04-28 WordPress <= 4.4.2 - Reflected XSS in Network Settings
4.4.2 2016-04-28 WordPress <= 4.4.2 - Script Compression Option CSRF
4.4.2 2016-05-06 WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
4.4.2 2016-05-06 WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
4.4.2 2016-06-21 WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
4.4.2 2016-06-21 WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
4.4.2 2016-06-21 WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
en

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)

Crowdstrike -> Solución de errores de actualización de CrowdStrike con BitLocker habilitado

En este pequeño articulo ver como componer el problema de CROWDSTRIKE cuando esta habilitado el BITLOCKER, cabe resaltar que puede ser una e...