[ubuntu/artful-proposed] wordpress 4.8.2+dfsg-1 (Accepted)
Jeremy Bicha
jeremy at bicha.net
Fri Sep 22 19:13:50 UTC 2017
wordpress (4.8.2+dfsg-1) unstable; urgency=high

  * New upstream security release fixes 9 security issues closes: #876274
    CVE IDs will be updated when issued
    - CVE-2017-XXX
      $wpdb->prepare() can create unexpected and unsafe queries leading to
      potential SQL injection (SQLi)
    - CVE-2017-TBA
      Cross-site scripting (XSS) vulnerability in the oEmbed discovery
    - CVE-2017-TBA
      Cross-site scripting (XSS) vulnerability in the visual editor
    - CVE-2017-TBA
      Path traversal vulnerability in the file unzipping code
    - CVE-2017-TBA
      Cross-site scripting (XSS) vulnerability in the plugin editor
    - CVE-2017-TBA
      Open redirect in the user and term edit screens
    - CVE-2017-TBA
      Path traversal vulnerability in the customizer
    - CVE-2017-TBA
      Cross-site scripting (XSS) vulnerability in template names
    - CVE-2017-TBA
      Cross-site scripting (XSS) vulnerability in the link modal

Date: 2017-09-22 16:37:20.517574+00:00
Changed-By: Craig Small <csmall at debian.org>
Signed-By: Jeremy Bicha <jeremy at bicha.net>
https://launchpad.net/ubuntu/+source/wordpress/4.8.2+dfsg-1