CVE-2012-4421 (GCVE-0-2012-4421)
Vulnerability from cvelistv5
Published
2012-09-14 19:00
Modified
2024-09-17 03:59
Severity ?
CWE
  • n/a
Summary
The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:35:09.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20120913 Re: CVEs for wordpress 3.4.2 release",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2012/09/13/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1\u0026old=21780\u0026new_path=%2Ftags%2F3.4.2\u0026new=21780#file2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://codex.wordpress.org/Version_3.4.2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-09-14T19:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20120913 Re: CVEs for wordpress 3.4.2 release",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2012/09/13/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1\u0026old=21780\u0026new_path=%2Ftags%2F3.4.2\u0026new=21780#file2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://codex.wordpress.org/Version_3.4.2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-4421",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20120913 Re: CVEs for wordpress 3.4.2 release",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2012/09/13/4"
            },
            {
              "name": "http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1\u0026old=21780\u0026new_path=%2Ftags%2F3.4.2\u0026new=21780#file2",
              "refsource": "CONFIRM",
              "url": "http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1\u0026old=21780\u0026new_path=%2Ftags%2F3.4.2\u0026new=21780#file2"
            },
            {
              "name": "http://codex.wordpress.org/Version_3.4.2",
              "refsource": "CONFIRM",
              "url": "http://codex.wordpress.org/Version_3.4.2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-4421",
    "datePublished": "2012-09-14T19:00:00Z",
    "dateReserved": "2012-08-21T00:00:00Z",
    "dateUpdated": "2024-09-17T03:59:31.261Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-4421\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-09-14T19:55:01.777\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n create_post en wp-includes/class-wp-atom-server.php en WordPress antes de v3.4.2 no realiza determinadas comprobaciones, lo que permite a usuarios remotos autenticados eludir restricciones de acceso y publicar nuevos mensajes aprovech\u00e1ndose del rol de Colaborador y usando el Protocolo de Publicaci\u00f3n (Conocido como AtomPub).\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:P/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.4.1\",\"matchCriteriaId\":\"106895D0-31B7-448D-B839-1DAF483FBB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C8B90E9-5DF5-45F5-9810-2973FDAA16A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D86BA1-3DC8-478C-B2FA-581F9AE1F93E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E7BEFBD-4326-44A5-A160-9406D94AB307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E85A88D7-07A1-4A8C-88B5-057AD9C675E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8B664FF-DF43-45C3-A42D-1FCD42A597B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B64D4777-2ED6-4A47-A8F3-38A3A8EB1ACB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"614956CB-0582-4EAD-86F4-5AB0BB781CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59F19F56-9338-4917-B782-AA70BF1511EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B83B70AE-3C27-4AD0-869C-E219728A8D92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C3BA98-8CF0-4440-BE46-27FC0E20BC38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D437FE7-78EA-4264-BF16-1B5757AC6AE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A53347E6-D721-4E47-BE5B-FA927B9DB164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C97B7C-77F4-4020-8574-E853CE5CD885\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B47496E3-BB07-45E6-ACCA-84D5EF499E21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"503E4894-3F39-471F-9A56-052718813BF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38085E5A-7B41-4E43-8A22-5FD44970F3EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF628FB8-1AC4-4F15-9967-E60785A32D1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F0BF1F6-A54A-48E8-A872-015FE10E5D03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F0B6EAC-E43D-4D1B-856F-7C23250A2355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51FAD0FC-CE84-4332-B061-75C0C8A0B6AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDCFE9AA-39E9-4366-AAB7-F7A891BC797E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAF4671A-8449-438E-922B-94E5542137BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F05A1F-2227-4166-807B-1BDE2EA8F245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EECE66B3-3696-4E98-AF63-DF2FB256A6FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E75BB382-6B47-4C6A-BF94-80443BEB1A23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFA75368-506F-4772-B0F2-8AAECDF288F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDDD9E5C-766F-4945-B87D-781E780AB03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A48C0BB5-2D87-49ED-A8EB-843E5F0EAE8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6AAA17D-FBB8-4F54-82E2-870D6FA5C299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2A0CAEE-5C14-44C6-85FB-6AFDAAA1C3F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BE667A-A937-4C38-B4D5-29B33F23F7B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A3624D4-E666-4A1B-B465-714ACBA0034C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A7CBC45-320E-48CF-9A63-07DDE2FB61BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"266E32CD-66FB-4E19-8091-EC748B177D8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DD9120-2224-4612-A6EE-539F47BD50E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A9FBA02-8A6A-471F-92CD-D8E77B5061C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B5BC7E8-4C8A-4183-AB8C-1DAE12935387\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0F9137B-D13F-488B-8196-85E06FAB682E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82F257F4-CB62-4C6F-8866-AA253EC8C0C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79AB6F6F-2FE3-4FC3-9009-D40EA852711F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82F4D88-779D-4D5D-96CD-2B31B61BA29E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA0DABD9-DE15-4619-8668-0277A67F5205\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A80D1CBE-DA6D-4939-A4A4-8F237C97F76C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40BEC573-A346-4F07-8053-A5F6E92A343C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A777651-D2B2-47E0-A13C-BD667635F3E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B017F95A-90F8-4DE4-B74F-ABB712F32987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1503C4CB-5D58-4523-860C-4B637AD91CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55050BF2-A950-45FF-8CD7-7689431AD82A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1253161D-F1C8-46D6-B970-20335071500E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEE401B3-6291-4EA8-8800-0350BAC0B22E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C0D45AE-F0FE-4005-80FB-FEFD2DCCE7D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5663CAA-0859-447E-8489-02CE4315DF91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"480AE325-6DE1-4769-A931-0C6F40D15267\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE23B6C2-354C-47BE-87B9-D4A0A3EE8ADC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC657077-8955-4CE6-93D8-F78B1BA3A949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43FADD00-822C-4BA2-A39F-1459AD786683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D863DE9E-FD9E-4EA1-9615-02D678813AB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.4:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ABD501B-351E-4B4E-9B0B-CF8DCBC72E66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AA39559-D170-4644-B04D-D6D806B5F33C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54954434-86BC-403C-949D-E9DA8931FE6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9A88E6C-BE39-4668-BD0F-EBDBA41010F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA7BF77C-68A1-421B-A446-6206354CA7FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF45B5A6-0D49-494F-98A0-CCCBB0CBB882\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB874C78-3F05-4053-A685-40DE7055359C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BC0FFB2-58E1-47D2-ACB0-9102D4E09675\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"654F2F75-42D4-4D7A-A8B8-F1C580ABDCA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A684588-4D37-4817-9A1A-BF2E70EC8F7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05D3E145-ECF8-4BAD-9471-4E4605887B18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"525887EE-50DB-4739-8897-A0D19D486CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC19614-2A59-4A49-B824-35975502B38F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E2DDB9C-E1D7-4DBD-A27C-93C9A9C0B7E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"832F89CB-595B-407A-A27C-F655F7112830\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89977E0E-694C-49FA-814D-D356EC9294C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88D1E83C-39AC-4E3D-874A-AF0F16ADDE41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65FD149E-8CF4-46FE-9F5E-9DEE61B4164C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D23F1397-7262-4B61-8061-83C2ED731DB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C85D16FE-BB31-4866-8F85-22F1C0F1131D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3446B691-B59E-4FCC-9F88-385AED59CBA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47275886-14AC-4BD2-BAE7-5203A9D6D6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07D26683-3F22-4BAD-BD4F-CB712DB8F855\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"648439C2-2459-4AB3-9E9A-B63F5030A4AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13CF5422-62D0-4777-AA94-5C166AEA4AA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19420CF9-1B33-422F-8D47-A8FE58F84944\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6EA8986-0845-4F67-9429-C6DAA0006C85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wordpress:wordpress:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7FE29FD-889A-449D-BD1F-648F06D81F5A\"}]}]}],\"references\":[{\"url\":\"http://codex.wordpress.org/Version_3.4.2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1\u0026old=21780\u0026new_path=%2Ftags%2F3.4.2\u0026new=21780#file2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2012/09/13/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://codex.wordpress.org/Version_3.4.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://core.trac.wordpress.org/changeset?old_path=%2Ftags%2F3.4.1\u0026old=21780\u0026new_path=%2Ftags%2F3.4.2\u0026new=21780#file2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2012/09/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.