API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 24th, 2019
224
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.51 KB | None | 0 0
raw download clone embed print report
  1. | [!] Title: WordPress <= 5.0 - Authenticated File Delete
  2. | Fixed in: 4.9.9
  3. | References:
  4. | - https://wpvulndb.com/vulnerabilities/9169
  5. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
  6. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  7. |
  8. | [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
  9. | Fixed in: 4.9.9
  10. | References:
  11. | - https://wpvulndb.com/vulnerabilities/9170
  12. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
  13. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  14. | - https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
  15. |
  16. | [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
  17. | Fixed in: 4.9.9
  18. | References:
  19. | - https://wpvulndb.com/vulnerabilities/9171
  20. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
  21. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  22. |
  23. | [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
  24. | Fixed in: 4.9.9
  25. | References:
  26. | - https://wpvulndb.com/vulnerabilities/9172
  27. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
  28. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  29. |
  30. | [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
  31. | Fixed in: 4.9.9
  32. | References:
  33. | - https://wpvulndb.com/vulnerabilities/9173
  34. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
  35. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  36. | - https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
  37. |
  38. | [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
  39. | Fixed in: 4.9.9
  40. | References:
  41. | - https://wpvulndb.com/vulnerabilities/9174
  42. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
  43. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  44. |
  45. | [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
  46. | Fixed in: 4.9.9
  47. | References:
  48. | - https://wpvulndb.com/vulnerabilities/9175
  49. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
  50. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  51. | - https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!