|
|
Credit:
The information has been provided by The vendor reported these issues.
The original article can be found at: http://www.securityfocus.com/bid/53192
|
|
Vulnerable Systems:
* WordPress WordPress 3.1.4
* WordPress WordPress 3.1.3
* WordPress WordPress 3.1.2
* WordPress WordPress 3.1.1
* WordPress WordPress 3.0.5
* WordPress WordPress 3.0.4
* WordPress WordPress 3.0.3
* WordPress WordPress 3.0.2
* WordPress WordPress 2.9.2
* WordPress WordPress 2.9.1
* WordPress WordPress 2.8.6
* WordPress WordPress 2.8.5
* WordPress WordPress 2.8.4
* WordPress WordPress 2.8.3
* WordPress WordPress 2.8.2
* WordPress WordPress 2.8.1
* WordPress WordPress 2.6.5
* WordPress WordPress 2.6.2
* WordPress WordPress 2.6.1
* WordPress WordPress 2.5.1
* WordPress WordPress 2.3.3
* WordPress WordPress 2.3.2
* WordPress WordPress 2.3.1
* WordPress WordPress 2.2.3
* WordPress WordPress 2.2.2
* WordPress WordPress 2.2.1
* WordPress WordPress 2.1.3
* WordPress WordPress 2.1.2
* WordPress WordPress 2.1.1
* WordPress WordPress 2.0.11
* WordPress WordPress 2.0.10
* WordPress WordPress 2.0.7
* WordPress WordPress 2.0.6
* WordPress WordPress 2.0.5
* WordPress WordPress 2.0.4
* WordPress WordPress 2.0.3
* WordPress WordPress 2.0.2
* WordPress WordPress 2.0.1
* WordPress WordPress 2.0
* WordPress WordPress 1.5.2
* WordPress WordPress 1.5.1 .3
* WordPress WordPress 1.5.1 .2
* WordPress WordPress 1.5.1
* WordPress WordPress 1.5
* WordPress WordPress 1.3.1
* WordPress WordPress 1.2.2
* WordPress WordPress 1.2.2
* WordPress WordPress 1.2.1
* WordPress WordPress 1.2
* WordPress WordPress 3.3.1
* WordPress WordPress 3.3
* WordPress WordPress 3.2-RC3
* WordPress WordPress 3.2-RC1
* WordPress WordPress 3.1.3
* WordPress WordPress 3.1
* WordPress WordPress 3.0.6
* WordPress WordPress 3.0.4
* WordPress WordPress 3.0.3
* WordPress WordPress 3.0.2
* WordPress WordPress 3.0.1
* WordPress WordPress 3.0
* WordPress WordPress 2.9.1.1
* WordPress WordPress 2.9
* WordPress WordPress 2.8.5.2
* WordPress WordPress 2.8.5.1
* WordPress WordPress 2.8.4 A
* WordPress WordPress 2.8
* WordPress WordPress 2.7.1
* WordPress WordPress 2.7
* WordPress WordPress 2.6.3
* WordPress WordPress 2.6
* WordPress WordPress 2.5
* WordPress WordPress 2.3
* WordPress WordPress 2.2 Revision 5003
* WordPress WordPress 2.2 Revision 5002
* WordPress WordPress 2.2
* WordPress WordPress 2.1.3-RC2
* WordPress WordPress 2.1.3-RC1
* WordPress WordPress 2.1
* WordPress WordPress 2.0.9
* WordPress WordPress 2.0.8
* WordPress WordPress 2.0.10-RC2
* WordPress WordPress 2.0.10-RC1
* WordPress WordPress 2.0
* WordPress WordPress 1.5.1.1
* WordPress WordPress 1.5
* WordPress WordPress 1.3.3
* WordPress WordPress 1.3.2
* WordPress WordPress 1.3
* WordPress WordPress 1.2.5 A
* WordPress WordPress 1.2.5
* WordPress WordPress 1.2.4
* WordPress WordPress 1.2.3
* WordPress WordPress 1.1.1
* WordPress WordPress 1.0.2
* WordPress WordPress 1.0.1
* WordPress WordPress 1.0
Immune Systems:
* WordPress WordPress 3.3.2
Attackers can exploit the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials or launch other attacks.Attackers can exploit the security-bypass issue to bypass security restrictions and perform unauthorized actions.
Vendor Status:
Vendor had issued an update for this vulnerability
Patch Availability:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670124
CVE Information:
CVE-2012-2399
CVE-2012-2400
CVE-2012-2401
CVE-2012-2402
CVE-2012-2403
CVE-2012-2404
Disclosure Timeline:
Initial Release: Apr 20 2012
|
|