CVE-2013-4338 in WordPress
Resumen (Inglés)
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Reservar
2013-06-12
Divulgación
2013-09-12
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 10261 | WordPress functions.php escalada de privilegios | 94 | No está definido | Arreglo oficial | CVE-2013-4338 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV