diff options
| author | Bernard Spil <brnrd@FreeBSD.org> | 2022-01-13 18:40:54 +0000 |
|---|---|---|
| committer | Bernard Spil <brnrd@FreeBSD.org> | 2022-01-13 18:40:54 +0000 |
| commit | 5cb091455dff4405d10da5354887d482a8c9be12 (patch) | |
| tree | 857d8ce87ea88adbb197e0230e1cfdc0bd6aafd1 | |
| parent | 7c428e83c0070adce767c19a0e806d1793d4ad8a (diff) | |
| download | ports-5cb091455dff4405d10da5354887d482a8c9be12.tar.gz ports-5cb091455dff4405d10da5354887d482a8c9be12.zip | |
security/vuxml: Document WordPress vulnerabilities
| -rw-r--r-- | security/vuxml/vuln-2022.xml | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 1d4b1445c96a..2de749df5af6 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,32 @@ + <vuln vid="79b65dc5-749f-11ec-8be6-d4c9ef517024"> + <topic>WordPress -- Multiple Vulnerabilities</topic> + <affects> + <package> + <name>wordpress</name> + <range><lt>5.8.3,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The WordPress project reports:</p> + <blockquote cite="https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/"> + <ul><li>Issue with stored XSS through post slugs</li> + <li>Issue with Object injection in some multisite installations</li> + <li>SQL injection vulnerability in WP_Query</li> + <li>SQL injection vulnerability in WP_Meta_Query</li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/</url> + </references> + <dates> + <discovery>2022-01-06</discovery> + <entry>2022-01-13</entry> + </dates> + </vuln> + <vuln vid="2a6106c6-73e5-11ec-8fa2-0800270512f4"> <topic>clamav -- invalid pointer read that may cause a crash</topic> <affects> |