Bugs fixes in "wordpress"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| Launchpad | 1970194 | ubuntu 22.04 package wordpress incompatible with default php version 8.1 | 2023-05-24 |
| Launchpad | 1970194 | ubuntu 22.04 package wordpress incompatible with default php version 8.1 | 2023-05-13 |
| CVE | CVE-2014-5240 | Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticat | 2014-11-22 |
| CVE | CVE-2014-5205 | wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, whic | 2014-11-22 |
| CVE | CVE-2014-5204 | wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce ar | 2014-11-22 |
| CVE | CVE-2014-5266 | The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of ele | 2014-11-22 |
| CVE | CVE-2014-5265 | The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations with | 2014-11-22 |
| CVE | CVE-2014-2053 | getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a deni | 2014-11-22 |
| Launchpad | 1395336 | security fixes since 3.8.2 | 2014-11-22 |
| CVE | CVE-2014-5240 | Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticat | 2014-11-22 |
| CVE | CVE-2014-5205 | wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, whic | 2014-11-22 |
| CVE | CVE-2014-5204 | wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce ar | 2014-11-22 |
| CVE | CVE-2014-5266 | The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of ele | 2014-11-22 |
| Launchpad | 1395336 | security fixes since 3.8.2 | 2014-11-22 |
| CVE | CVE-2014-0166 | Wordpress potential authentication cookie forgery | 2014-04-09 |
| CVE | CVE-2014-0165 | Wordpress privilege escalation: prevent contributors from publishing posts | 2014-04-09 |
| Debian | 744019 | CVE-2014-0157: XSS in Horizon orchestration dashboard - Debian Bug report logs | 2014-04-09 |
| Debian | 736514 | missing licenses in debian/copyright - Debian Bug report logs | 2014-02-17 |
| CVE | CVE-2012-0287 | Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote attack | 2012-01-16 |
| Debian | 646729 | wordpress: missing source for jquery.js - Debian Bug report logs | 2012-01-03 |
About
-
Send Feedback to @ubuntu_updates
