FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The last vuln.xml file processed by FreshPorts is:
nothing found there
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
|7b97b32e-27c4-11ea-9673-4c72b94353b5||wordpress -- multiple issues|
wordpress developers reports:
Four security issues affect WordPress versions 5.3 and earlier; version 5.3.1 fixes them, so youll want to upgrade.
If you havent yet updated to 5.3, there are also updated versions of 5.2 and earlier that fix the security issues.
-Props to Daniel Bachhuber for finding an issue where an unprivileged user could make a post sticky via the REST API.
-Props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where cross-site scripting (XSS)
could be stored in well-crafted links.
-Props to the WordPress.org Security Team for hardening wp_kses_bad_protocol() to ensure that it is aware of the named
-Props to Nguyen The Duc for discovering a stored XSS vulnerability using block editor content.