DSA-3250-1 wordpress -- wordpress| ID: oval:org.secpod.oval:def:602066 | Date: (C)2015-05-11 (M)2022-09-22 |
| Class: PATCH | Family: unix |
Multiple security issues have been discovered in Wordpress, a weblog manager, that could allow remote attackers to upload files with invalid or unsafe names, mount social engineering attacks or compromise a site via cross-site scripting, and inject SQL commands. More information can be found in the upstream advisories at https://wordpress.org/news/2015/04/wordpress-4-1-2/ and https://wordpress.org/news/2015/04/wordpress-4-2-1/
| Platform: |
| Debian 8.x |
| Debian 7.x |
