If you are using WordPress, please take a moment to go through the process of updating your WordPress installation through the WordPress Administrator. Several vulnerabilities have been identified with WordPress version 3.5.1:
CVE-2013-2173
A denial of service was found in the way WordPress performs hash computation when checking the password for protected posts. An attacker supplying carefully crafted input as a password could make the platform consume excessive CPU time.
CVE-2013-2199
Multiple server-side request forgery (SSRF) vulnerabilities were found in the HTTP API. This is related to CVE-2013-0235, which was specific to SSRF in pingback requests and was fixed in 3.5.1.
CVE-2013-2200
Inadequate checking of a user’s capabilities could lead to a privilege escalation, enabling them to publish posts when their user role should not allow for it and to assign posts to other authors
CVE-2013-2201
Multiple cross-site scripting (XSS) vulnerabilities due to badly escaped input were found in the media files and plugins upload forms.
CVE-2013-2202
XML External Entity Injection (XXE) vulnerability via oEmbed responses.
CVE-2013-2203
A full path disclosure (FPD) was found in the file upload mechanism. If the upload directory is not writable, the error message returned includes the full directory path.
CVE-2013-2204
Content spoofing via a Flash applet in the embedded TinyMCE media plugin.
CVE-2013-2205
Cross-domain XSS in the embedded SWFUpload uploader.
Thanks for your time and attention. Again, please make sure to update your WordPress installation in order to keep these vulnerabilities from affecting your site. You can upgrade through the WordPress Administrator, or you can update using the Softaculous installer.
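If you manage several sites, the following script (an added example, not part of the original notice or of WordPress itself) lists which installations still need the update by reading the `$wp_version` line that WordPress core keeps in `wp-includes/version.php`. It assumes that any release at or below 3.5.1 should be flagged; the sample directory tree and the function names are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

AFFECTED_VERSION = "3.5.1"  # release named in the advisory above

# WordPress core stores its release in wp-includes/version.php, e.g. $wp_version = '3.5.1';
VERSION_RE = re.compile(r"""^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;""", re.M)


def parse_version(text):
    """Return the $wp_version string from version.php contents, or None."""
    match = VERSION_RE.search(text)
    return match.group(1) if match else None


def version_key(version):
    """Map '3.5' or '3.6-beta3' to a comparable tuple, e.g. (3, 5, 0); suffixes are ignored."""
    numeric = re.match(r"\d+(?:\.\d+)*", version)
    parts = [int(p) for p in numeric.group(0).split(".")] if numeric else [0]
    return tuple(parts + [0] * (3 - len(parts)))


def audit(root):
    """Return [(install_dir, version, needs_update)] for every WordPress core under root."""
    findings = []
    for vfile in sorted(Path(root).rglob("version.php")):
        if vfile.parent.name != "wp-includes":
            continue  # some plugin's version.php, not WordPress core
        version = parse_version(vfile.read_text(errors="replace"))
        # Assumption: anything at or below the affected release, or unparseable, needs review.
        stale = version is None or version_key(version) <= version_key(AFFECTED_VERSION)
        findings.append((vfile.parent.parent, version, stale))
    return findings


if __name__ == "__main__":
    # Constructed sample tree standing in for a hosting account's document roots.
    with tempfile.TemporaryDirectory() as tmp:
        for site, ver in [("blog", "3.5.1"), ("shop", "3.6"), ("old", "3.4.2")]:
            inc = Path(tmp, site, "wp-includes")
            inc.mkdir(parents=True)
            (inc / "version.php").write_text(f"<?php\n$wp_version = '{ver}';\n")
        for path, ver, stale in audit(tmp):
            print(f"{path.name:6} {ver or 'unknown':8} {'UPDATE' if stale else 'ok'}")
```

Point `audit()` at the directory that holds your sites (for example your account's web root) to get one line per installation.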