Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 07 May 2016 05:33:13 +0000
From: Craig Small <>
Subject: CVE Request: wordpress and mediaelement

  wordpress 4.5.1 has two security issues[1], both XSS, both fixed in 4.5.2

One is around the plupload embedded code[2] which I'm unsure if it affects
plupload proper or just wordpress.
The second is around mediaelement[3] and this does affect the upstream
program but is already fixed[4].


 - Craig

Craig Small (@smallsees)       csmall at :
Debian GNU/Linux    csmall at :
GPG fingerprint:        5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ