git: 5cb091455dff - main - security/vuxml: Document WordPress vulnerabilities
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 13 Jan 2022 18:40:57 UTC
The branch main has been updated by brnrd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=5cb091455dff4405d10da5354887d482a8c9be12
commit 5cb091455dff4405d10da5354887d482a8c9be12
Author: Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2022-01-13 18:40:54 +0000
Commit: Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2022-01-13 18:40:54 +0000
security/vuxml: Document WordPress vulnerabilities
---
security/vuxml/vuln-2022.xml | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml
index 1d4b1445c96a..2de749df5af6 100644
--- a/security/vuxml/vuln-2022.xml
+++ b/security/vuxml/vuln-2022.xml
@@ -1,3 +1,32 @@
+ <vuln vid="79b65dc5-749f-11ec-8be6-d4c9ef517024">
+ <topic>WordPress -- Multiple Vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>wordpress</name>
+ <range><lt>5.8.3,1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The WordPress project reports:</p>
+ <blockquote cite="https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/">
+ <ul><li>Issue with stored XSS through post slugs</li>
+ <li>Issue with Object injection in some multisite installations</li>
+ <li>SQL injection vulnerability in WP_Query</li>
+ <li>SQL injection vulnerability in WP_Meta_Query</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://wordpress.org/news/2022/01/wordpress-5-8-3-security-release/</url>
+ </references>
+ <dates>
+ <discovery>2022-01-06</discovery>
+ <entry>2022-01-13</entry>
+ </dates>
+ </vuln>
+
<vuln vid="2a6106c6-73e5-11ec-8fa2-0800270512f4">
<topic>clamav -- invalid pointer read that may cause a crash</topic>
<affects>