Dominik Schilling

10 exploits, active since May 2016
CVE-2015-5715 - MEDIUM
WordPress < 4.3.1 - Auth Bypass
The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors.
CVSS 4.3
CVE-2017-5488 - MEDIUM
WordPress < 4.7 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.
CVSS 6.1
CVE-2017-5490 - MEDIUM
WordPress < 4.7 - XSS
Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php.
CVSS 6.1
CVE-2017-5610 - MEDIUM
WordPress < 4.7.1 - Information Disclosure
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
CVSS 5.3
CVE-2017-5611 - CRITICAL
WordPress < 4.7.1 - SQL Injection
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
CVSS 9.8
CVE-2017-6817 - MEDIUM
WordPress < 4.7.3 - XSS
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
CVSS 5.4
CVE-2017-9063 - MEDIUM
WordPress < 4.7.5 - XSS
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.
CVSS 6.1
CVE-2018-10100 - MEDIUM
WordPress < 4.9.5 - Open Redirect
Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.
CVSS 6.1
CVE-2018-10101 - MEDIUM
WordPress < 4.9.5 - Information Disclosure
Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.
CVSS 6.1
CVE-2018-10102 - MEDIUM
WordPress < 4.9.5 - XSS
Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.
CVSS 6.1