FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- multiple vulnerabilities

Affected packages
		wordpress	<	3.3.2,1

Details

VuXML ID	b384cc5b-8d56-11e1-8d7b-003067b2972c
Discovery	2012-04-20
Entry	2012-04-23

Wordpress reports:

External code has been updated to non-vulnerable versions. In addition the following bugs have been fixed:

Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.

Cross-site scripting vulnerability when making URLs clickable.

Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.

[source]

References

CVE Name	CVE-2012-2399
CVE Name	CVE-2012-2400
CVE Name	CVE-2012-2401
CVE Name	CVE-2012-2402
CVE Name	CVE-2012-2403
CVE Name	CVE-2012-2404
URL	https://codex.wordpress.org/Version_3.3.2