Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.8
CVSSv2

CVE-2011-3127

Published: 10/08/2011 Updated: 29/08/2017
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Wordpress

Vulnerability Summary

WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site.

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress 3.1

wordpress wordpress 3.2

wordpress wordpress 3.1.1

wordpress wordpress 3.1.2

Vendor Advisories

Debian CVElist Bug Report Logs: wordpress: Multiple security issues
Debian Bug report logs - #713947 wordpress: Multiple security issues Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Mon, 24 Jun 2013 06:39:02 UTC Severity: grave Tags: ...
Debian Security Advisories: DSA-2470-1 wordpress -- several vulnerabilities
Several vulnerabilities were identified in WordPress, a web blogging tool As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the wordpress package to the latest upstream version instead of backporting the patches This means extra care should be taken when upgrading, ...

Github Repositories

https://github.com/GianfrancoLeto/CodepathWeek7

Week 7 WordPress Exploits

Project 7 - WordPress Pentesting Time spent: 3 hours spent in total Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress Pentesting Report WordPress <= 422 - Authenticated Stored Cross-Site Scripting (XSS) (CVE-2015-5622) Summary: This is an XSS attack used to inject js into WordPress comments It is trigger

References

CWE-20http://wordpress.org/news/2011/05/wordpress-3-1-3/http://www.securityfocus.com/bid/47995http://www.debian.org/security/2012/dsa-2470http://secunia.com/advisories/49138https://exchange.xforce.ibmcloud.com/vulnerabilities/69172https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=713947https://nvd.nist.govhttps://github.com/GianfrancoLeto/CodepathWeek7https://www.debian.org/security/./dsa-2470
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook