eMAG - logo modivo - logo Altex - logo evoMAG - logo Fashion Days - logo Vexio - logo Amazon.de - logo QuickMobile - logo
*dacă dai click și cumperi din aceste magazine online, vei susține acest blog. Imaginile conțin linkuri afiliate către acestea. Mulțumesc!

Astăzi celebra platformă de blogging WordPress ne aduce un nou update, rezolvând o parte de probleme de securitate precum și alte fixuri.

Screen Shot 2013-06-22 at 12.04.09

 

Change log:

* Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
* Privilege Escalation: Contributors can publish posts, and users can reassign authorship. CVE-2013-2200.
* Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
* Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
* Content Spoofing via Flash Applet in TinyMCE Media Plugin. CVE-2013-2204.
* Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
* Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
* Cross-Site Scripting (XSS) (Low Severity) when Editing Media. CVE-2013-2201.
* Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating Plugins/Themes. CVE-2013-2201.
* XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.

Files revised:

readme.html
wp-admin/includes/media.php
wp-admin/includes/class-wp-importer.php
wp-admin/includes/file.php
wp-admin/includes/post.php
wp-admin/includes/upgrade.php
wp-admin/includes/schema.php
wp-admin/includes/class-wp-upgrader.php
wp-admin/includes/update-core.php
wp-admin/update.php
wp-admin/about.php
wp-admin/edit-form-advanced.php
wp-login.php
wp-includes/class-wp-xmlrpc-server.php
wp-includes/rss.php
wp-includes/functions.php
wp-includes/formatting.php
wp-includes/post.php
wp-includes/media-template.php
wp-includes/deprecated.php
wp-includes/wp-db.php
wp-includes/user.php
wp-includes/class-wp-admin-bar.php
wp-includes/version.php
wp-includes/class-phpass.php
wp-includes/comment.php
wp-includes/pluggable.php
wp-includes/class-feed.php
wp-includes/script-loader.php
wp-includes/class-http.php
wp-includes/js/media-editor.min.js
wp-includes/js/swfupload/swfupload-all.js
wp-includes/js/swfupload/handlers.js
wp-includes/js/swfupload/handlers.min.js
wp-includes/js/swfupload/swfupload.swf
wp-includes/js/plupload/handlers.js
wp-includes/js/plupload/handlers.min.js
wp-includes/js/tinymce/wp-tinymce.js.gz
wp-includes/js/tinymce/plugins/media/moxieplayer.swf
wp-includes/js/tinymce/tiny_mce.js
wp-includes/js/media-editor.js
wp-includes/class-oembed.php
wp-includes/post-template.php
wp-includes/http.php

 


Urmărește-mă pe Google News sau activează

3.5.2 security update Wordpress
0 Comentarii
Adaugă un comentariu

Ți-a plăcut articolul? Lasă un comentariu

Reduceri
eMAG - logo modivo - logo Altex - logo evoMAG - logo Fashion Days - logo Vexio - logo Amazon.de - logo QuickMobile - logo
*dacă dai click și cumperi din aceste magazine online, vei susține acest blog. Imaginile conțin linkuri afiliate către acestea. Mulțumesc!
Știri și review-uri la jocuri pe Steam
GoGeek.eu SteamGames.ro
Video
Final Cut Pro 11 pentru Mac
Final Cut Pro 11 a fost lansat de Apple. Ce noutăți aduce?
Scaun gaming cockpit Playseat Challenge Negru - Featured
Unboxing: Scaun gaming pentru volan, Cockpit Playseat Challenge
Podcast
Podcast Articole Interesante
Comunitate Facebook
Apple România pe Facebook Alte platforme: 𝕏, Discord

Alte articole:

Particle, AI va distruge site-urile
Noutăți Tech
Cum funcționează AI și cum site-urile de știri, bloguri vor avea de suferit?
Reclame pe Netflix in curant
Noutăți Tech
Netflix se scumpește
Peste 15 companii aeriene vor accepta dispozitivele AirTag pentru localizarea bagajelor pierdute
AirTag Noutăți
Peste 15 companii aeriene vor accepta dispozitivele AirTag pentru localizarea bagajelor pierdute
Proiect concediu medical pentru burnout
Noutăți
Proiect: concediu medical pentru burnout

Toate drepturile rezervate © 2011 - 2024, iSay.ro