1. Reverse Engineering >
  2. Sicherheitslücken >
  3. Add a new filter to extend set-screen-option

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Add a new filter to extend set-screen-option


Exploits vom | Direktlink: portal.patchman.co Nachrichten Bewertung

Issue where set-screen-option could be misused by plugins leading to privilege escalation.

This vulnerability affects the following application versions:

  • WordPress 3.6
  • WordPress 3.6.1
  • WordPress 3.7
  • WordPress 3.7.1
  • WordPress 3.7.2
  • WordPress 3.7.3
  • WordPress 3.7.4
  • WordPress 3.7.5
  • WordPress 3.7.6
  • WordPress 3.7.7
  • WordPress 3.7.8
  • WordPress 3.7.9
  • WordPress 3.7.10
  • WordPress 3.7.11
  • WordPress 3.7.12
  • WordPress 3.7.13
  • WordPress 3.7.14
  • WordPress 3.7.15
  • WordPress 3.7.16
  • WordPress 3.7.17
  • WordPress 3.7.18
  • WordPress 3.7.19
  • WordPress 3.7.20
  • WordPress 3.7.21
  • WordPress 3.7.22
  • WordPress 3.7.23
  • WordPress 3.7.24
  • WordPress 3.7.25
  • WordPress 3.7.26
  • WordPress 3.7.27
  • WordPress 3.7.28
  • WordPress 3.7.29
  • WordPress 3.7.30
  • WordPress 3.7.31
  • WordPress 3.7.32
  • WordPress 3.7.33
  • WordPress 3.8
  • WordPress 3.8.1
  • WordPress 3.8.2
  • WordPress 3.8.3
  • WordPress 3.8.4
  • WordPress 3.8.5
  • WordPress 3.8.6
  • WordPress 3.8.7
  • WordPress 3.8.8
  • WordPress 3.8.9
  • WordPress 3.8.10
  • WordPress 3.8.11
  • WordPress 3.8.12
  • WordPress 3.8.13
  • WordPress 3.8.14
  • WordPress 3.8.15
  • WordPress 3.8.16
  • WordPress 3.8.17
  • WordPress 3.8.18
  • WordPress 3.8.19
  • WordPress 3.8.20
  • WordPress 3.8.21
  • WordPress 3.8.22
  • WordPress 3.8.23
  • WordPress 3.8.24
  • WordPress 3.8.25
  • WordPress 3.8.26
  • WordPress 3.8.27
  • WordPress 3.8.28
  • WordPress 3.8.29
  • WordPress 3.8.30
  • WordPress 3.8.31
  • WordPress 3.8.32
  • WordPress 3.8.33
  • WordPress 3.9
  • WordPress 3.9.1
  • WordPress 3.9.2
  • WordPress 3.9.3
  • WordPress 3.9.4
  • WordPress 3.9.5
  • WordPress 3.9.6
  • WordPress 3.9.7
  • WordPress 3.9.8
  • WordPress 3.9.9
  • WordPress 3.9.10
  • WordPress 3.9.11
  • WordPress 3.9.12
  • WordPress 3.9.13
  • WordPress 3.9.14
  • WordPress 3.9.15
  • WordPress 3.9.16
  • WordPress 3.9.17
  • WordPress 3.9.18
  • WordPress 3.9.19
  • WordPress 3.9.20
  • WordPress 3.9.21
  • WordPress 3.9.22
  • WordPress 3.9.23
  • WordPress 3.9.24
  • WordPress 3.9.25
  • WordPress 3.9.26
  • WordPress 3.9.27
  • WordPress 3.9.28
  • WordPress 3.9.29
  • WordPress 3.9.30
  • WordPress 3.9.31
  • WordPress 4.0
  • WordPress 4.0.1
  • WordPress 4.0.2
  • WordPress 4.0.3
  • WordPress 4.0.4
  • WordPress 4.0.5
  • WordPress 4.0.6
  • WordPress 4.0.7
  • WordPress 4.0.8
  • WordPress 4.0.9
  • WordPress 4.0.10
  • WordPress 4.0.11
  • WordPress 4.0.12
  • WordPress 4.0.13
  • WordPress 4.0.14
  • WordPress 4.0.15
  • WordPress 4.0.16
  • WordPress 4.0.17
  • WordPress 4.0.18
  • WordPress 4.0.19
  • WordPress 4.0.20
  • WordPress 4.0.21
  • WordPress 4.0.22
  • WordPress 4.0.23
  • WordPress 4.0.24
  • WordPress 4.0.25
  • WordPress 4.0.26
  • WordPress 4.0.27
  • WordPress 4.0.28
  • WordPress 4.0.29
  • WordPress 4.0.30
  • WordPress 4.1
  • WordPress 4.1.1
  • WordPress 4.1.2
  • WordPress 4.1.3
  • WordPress 4.1.4
  • WordPress 4.1.5
  • WordPress 4.1.6
  • WordPress 4.1.7
  • WordPress 4.1.8
  • WordPress 4.1.9
  • WordPress 4.1.10
  • WordPress 4.1.11
  • WordPress 4.1.12
  • WordPress 4.1.13
  • WordPress 4.1.14
  • WordPress 4.1.15
  • WordPress 4.1.16
  • WordPress 4.1.17
  • WordPress 4.1.18
  • WordPress 4.1.19
  • WordPress 4.1.20
  • WordPress 4.1.21
  • WordPress 4.1.22
  • WordPress 4.1.23
  • WordPress 4.1.24
  • WordPress 4.1.25
  • WordPress 4.1.26
  • WordPress 4.1.27
  • WordPress 4.1.28
  • WordPress 4.1.29
  • WordPress 4.1.30
  • WordPress 4.2
  • WordPress 4.2.1
  • WordPress 4.2.2
  • WordPress 4.2.10
  • WordPress 4.2.11
  • WordPress 4.2.12
  • WordPress 4.2.13
  • WordPress 4.2.14
  • WordPress 4.2.15
  • WordPress 4.2.16
  • WordPress 4.2.17
  • WordPress 4.2.18
  • WordPress 4.2.19
  • WordPress 4.2.20
  • WordPress 4.2.21
  • WordPress 4.2.22
  • WordPress 4.2.23
  • WordPress 4.2.24
  • WordPress 4.2.25
  • WordPress 4.2.26
  • WordPress 4.2.3
  • WordPress 4.2.4
  • WordPress 4.2.5
  • WordPress 4.2.6
  • WordPress 4.2.7
  • WordPress 4.2.8
  • WordPress 4.2.9
  • WordPress 4.2.27
  • WordPress 4.3
  • WordPress 4.3.1
  • WordPress 4.3.2
  • WordPress 4.3.3
  • WordPress 4.3.4
  • WordPress 4.3.5
  • WordPress 4.3.6
  • WordPress 4.3.7
  • WordPress 4.3.8
  • WordPress 4.3.9
  • WordPress 4.3.10
  • WordPress 4.3.11
  • WordPress 4.3.12
  • WordPress 4.3.13
  • WordPress 4.3.14
  • WordPress 4.3.15
  • WordPress 4.3.16
  • WordPress 4.3.17
  • WordPress 4.3.18
  • WordPress 4.3.19
  • WordPress 4.3.20
  • WordPress 4.3.21
  • WordPress 4.3.22
  • WordPress 4.3.23
  • WordPress 4.4
  • WordPress 4.4.1
  • WordPress 4.4.2
  • WordPress 4.4.3
  • WordPress 4.4.4
  • WordPress 4.4.5
  • WordPress 4.4.6
  • WordPress 4.4.7
  • WordPress 4.4.8
  • WordPress 4.4.9
  • WordPress 4.4.10
  • WordPress 4.4.11
  • WordPress 4.4.12
  • WordPress 4.4.13
  • WordPress 4.4.14
  • WordPress 4.4.15
  • WordPress 4.4.16
  • WordPress 4.4.17
  • WordPress 4.4.18
  • WordPress 4.4.19
  • WordPress 4.4.20
  • WordPress 4.4.21
  • WordPress 4.4.22
  • WordPress 4.5
  • WordPress 4.5.1
  • WordPress 4.5.2
  • WordPress 4.5.3
  • WordPress 4.5.4
  • WordPress 4.5.5
  • WordPress 4.5.6
  • WordPress 4.5.7
  • WordPress 4.5.8
  • WordPress 4.5.9
  • WordPress 4.5.10
  • WordPress 4.5.11
  • WordPress 4.5.12
  • WordPress 4.5.13
  • WordPress 4.5.14
  • WordPress 4.5.15
  • WordPress 4.5.16
  • WordPress 4.5.17
  • WordPress 4.5.18
  • WordPress 4.5.19
  • WordPress 4.5.20
  • WordPress 4.5.21
  • WordPress 4.6
  • WordPress 4.6.1
  • WordPress 4.6.2
  • WordPress 4.6.3
  • WordPress 4.6.4
  • WordPress 4.6.5
  • WordPress 4.6.10
  • WordPress 4.6.11
  • WordPress 4.6.12
  • WordPress 4.6.13
  • WordPress 4.6.14
  • WordPress 4.6.15
  • WordPress 4.6.16
  • WordPress 4.6.17
  • WordPress 4.6.18
  • WordPress 4.6.6
  • WordPress 4.6.7
  • WordPress 4.6.8
  • WordPress 4.6.9
  • WordPress 4.7
  • WordPress 4.7.1
  • WordPress 4.7.2
  • WordPress 4.7.3
  • WordPress 4.7.4
  • WordPress 4.7.5
  • WordPress 4.7.6
  • WordPress 4.7.7
  • WordPress 4.7.8
  • WordPress 4.7.9
  • WordPress 4.7.10
  • WordPress 4.7.11
  • WordPress 4.7.12
  • WordPress 4.7.13
  • WordPress 4.7.14
  • WordPress 4.7.15
  • WordPress 4.7.16
  • WordPress 4.7.17
  • WordPress 4.8
  • WordPress 4.8.1
  • WordPress 4.8.2
  • WordPress 4.8.3
  • WordPress 4.8.4
  • WordPress 4.8.5
  • WordPress 4.8.6
  • WordPress 4.8.7
  • WordPress 4.8.8
  • WordPress 4.8.9
  • WordPress 4.8.10
  • WordPress 4.8.11
  • WordPress 4.8.12
  • WordPress 4.8.13
  • WordPress 4.9
  • WordPress 4.9.1
  • WordPress 4.9.2
  • WordPress 4.9.3
  • WordPress 4.9.4
  • WordPress 4.9.10
  • WordPress 4.9.11
  • WordPress 4.9.12
  • WordPress 4.9.13
  • WordPress 4.9.14
  • WordPress 4.9.5
  • WordPress 4.9.6
  • WordPress 4.9.7
  • WordPress 4.9.8
  • WordPress 4.9.9
  • WordPress 5.0
  • WordPress 5.0.1
  • WordPress 5.0.2
  • WordPress 5.0.3
  • WordPress 5.0.4
  • WordPress 5.0.6
  • WordPress 5.0.7
  • WordPress 5.0.8
  • WordPress 5.0.9
  • WordPress 5.0 Beta 1
  • WordPress 5.0 Beta 2
  • WordPress 5.0 Beta 3
  • WordPress 5.0 Beta 4
  • WordPress 5.0 RC1
  • WordPress 5.0 RC2
  • WordPress 5.0 RC3
  • WordPress 5.1
  • WordPress 5.1.1
  • WordPress 5.1.2
  • WordPress 5.1.3
  • WordPress 5.1.4
  • WordPress 5.1.5
  • WordPress 5.2
  • WordPress 5.2.1
  • WordPress 5.2.2
  • WordPress 5.2.3
  • WordPress 5.2.4
  • WordPress 5.2.5
  • WordPress 5.2.6
  • WordPress 5.2 Beta 1
  • WordPress 5.2 Beta 2
  • WordPress 5.3
  • WordPress 5.3.1
  • WordPress 5.3.2
  • WordPress 5.3.3
  • WordPress 5.4
  • WordPress 5.4.1
...
https://portal.patchman.co/detections/rss/vulnerabilities/4084

Externe Quelle mit kompletten Inhalt anzeigen


Zur Startseite von Team IT Security

➤ Weitere Beiträge von Team Security | IT Sicherheit

Deobfuscating/REversing Remcos - AutoIt, Shellcode, and RunPE

vom 676.42 Punkte ic_school_black_18dp
Remcos is a robust RAT actively being used in the wild. This multi-staged/evasive RAT provides powerful functionality to an attacker. Each stage is written in a different language: AutoIt -> Shellcode -> C++. I wanted to explore both the evasiven

Ghidra Python Scripting - AZORult

vom 211.11 Punkte ic_school_black_18dp
When analyzing an AZORult sample, one particular hurdle for static analysis (at the code level) was the technique by the malware to call certain WinAPI functions.  The malware calls GetProcAddress repeatedly to locate the addresses of dozens of W

Aggregation extensions in OData ASP.NET Core

vom 203.72 Punkte ic_school_black_18dp
$select and $filter, as well as other OData query options, are an excellent way to receive only data that you need. However, they might not be the best option for reporting and analytical applications. If you want to get total sales to the particular

P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A Flexible, Low-Cost Platform For Pentesting, Red Teaming And Physical Engagements

vom 190.1 Punkte ic_school_black_18dp
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".0. How to installThe latest image could be fo

How to hack iPhone's Lock Screen on iOS 12 to Access Contacts and Photos?

vom 166.66 Punkte ic_school_black_18dp
Apple may pride itself on its commitment to user privacy and security, but it isn't invulnerable. EverythingApplePro now know there is a bug in the latest version of iOS 12 and iOS 12.1 beta that allows those in the know to bypass iPhone passcode and access cont

Creating .NET Core global tools on macOS

vom 154.83 Punkte ic_school_black_18dp
One of the really cool aspects about .NET Core is the support for global tools. You can use global tools to simplify common tasks during your development workflow. For example, you can create tools to minify image assets, simplify working with source contro

Android Studio 3.0 Canary 1

vom 143.61 Punkte ic_school_black_18dp
By Jamal Eason, Product Manager, Android Just in time for Google I/O 2017, we're providing a sneak peak of Android Studio 3.0 - available to download today on our canary release channel. Android Studio's our official IDE, purpose-built for Android, and we keep increasing our investment. The feature set in Android Studi

Deobfuscating Maldocs - Payloads in Objects

vom 141.08 Punkte ic_school_black_18dp
When it comes to maldocs, obfuscation techniques trend depending on what the doc-generators are using. For example, at one time giant base64 strings were concatenated at runtime, which would typically decode to an obfuscated powershell script. Then

Microsoft Azure portal May 2019 update

vom 140.78 Punkte ic_school_black_18dp
This month is packed with updates on the Azure portal, including enhancements to the user experience, resource configuration, management tools and more. Sign in to the Azure portal now and see for yourself everything that’s new. Download the Az

Microsoft Azure portal May 2019 update

vom 140.78 Punkte ic_school_black_18dp
This month is packed with updates on the Azure portal, including enhancements to the user experience, resource configuration, management tools and more. Sign in to the Azure portal now and see for yourself everything that’s new. Download the Az

Dr. ROBOT - Tool To Enumerate The Subdomains Associated With A Company By Aggregating The Results Of Multiple OSINT Tools

vom 135.09 Punkte ic_school_black_18dp
Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating sytems, and different languages, Dr. ROBOT is built to be highly portable and configurable.

Integrating Cosmos DB with OData (Part 3)

vom 134.34 Punkte ic_school_black_18dp
Sometimes requiring to build an entire ASP.NET Core application just for the purpose of exposing a RESTFul API endpoint to give your API consumers the ability to query, filter and order the data could be a bit of an overhead, especially if you are no

Team Security Diskussion über Add a new filter to extend set-screen-option