oss-sec mailing list archives
CVE request: WordPress 3.1.4 (and 3.2 Release Candidate 3)
From: Henri Salo <henri () nerv fi>
Date: Mon, 28 Jan 2013 10:56:48 +0200
Hello,

Vulnerabilities fixed in WordPress 3.1.4[1] do not yet have CVE identifiers. As far as I can tell there are three different issues[2][3][4].

Details of issue OSVDB:73721 from Andrew Nacin below:

Using specially crafted requests under certain conditions, users without the ability to write with unfiltered HTML could add some to a post, and could update posts where they did not have a permission to do so. The relevant changeset is: http://core.trac.wordpress.org/changeset/18368/branches/3.1

1: http://wordpress.org/news/2011/06/wordpress-3-1-4/
2: http://osvdb.org/73721 WordPress Unspecified Access Restriction Bypass
3: http://osvdb.org/73722 WordPress wp-admin/edit-tags.php Multiple Parameter SQL Injection
4: http://osvdb.org/73723 WordPress wp-admin/link-manager.php Multiple Parameter SQL Injection

Please note that these need to be CVE-2011-XXXX, thanks.

--
Henri Salo