Download
| Alert*
oval:org.secpod.oval:def:1900278
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare can create unexpected and unsafe queries leading to potential SQL injection in plugins and themes, as demonstrated by a "double prepare"approach, a different vulnerability than CVE-2017-14723. oval:org.secpod.oval:def:603239 Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Side Scripting and Server-Side Request Forgery attacks, as well as bypass some access restrictions. oval:org.secpod.oval:def:53230 Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Side Scripting and Server-Side Request Forgery attacks, as well as bypass some access restrictions. |