summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFlorian Smeets <flo@FreeBSD.org>2015-08-06 19:55:04 +0000
committerFlorian Smeets <flo@FreeBSD.org>2015-08-06 19:55:04 +0000
commit0045db9f56c7dc10fbf45ce979ddfd104fb19a57 (patch)
tree7696939a7420e871d9b79dd1ea11c5a5627f79a6
parentRevert pkg-plist OPENSSL_SHLIBVER addition (diff)
Document wordpress vulnerabilities
Security: CVE-2015-2213
Diffstat
-rw-r--r--security/vuxml/vuln.xml36
1 files changed, 36 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 810b11bcf369..a1b23222b899 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -58,6 +58,42 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="ac5ec8e3-3c6c-11e5-b921-00a0986f28c4">
+ <topic>wordpress -- Multiple vulnerability</topic>
+ <affects>
+ <package>
+ <name>wordpress</name>
+ <range><lt>4.2.4,1</lt></range>
+ </package>
+ <package>
+ <name>de-wordpress</name>
+ <name>ja-wordpress</name>
+ <name>ru-wordpress</name>
+ <name>zh-wordpress-zh_CH</name>
+ <name>zh-wordpress-zh_TW</name>
+ <range><lt>4.2.4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Gary Pendergast reports:</p>
+ <blockquote cite="https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/">
+ <p>WordPress 4.2.4 fixes three cross-site scripting vulnerabilities
+ and a potential SQL injection that could be used to compromise a
+ site.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/</url>
+ <cvename>CVE-2015-2213</cvename>
+ </references>
+ <dates>
+ <discovery>2015-08-04</discovery>
+ <entry>2015-08-06</entry>
+ </dates>
+ </vuln>
+
<vuln vid="57bb5e3d-3c4f-11e5-a4d4-001e8c75030d">
<topic>subversion -- multiple vulnerabilities</topic>
<affects>
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 12:35:05 +0000