CVE-2014-5204

Name	CVE-2014-5204
Description	wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CS ...
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References	DLA-56-1, DSA-3001-1
Debian Bugs	757312

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
wordpress (PTS)	buster, buster (security)	5.0.15+dfsg1-0+deb10u1	fixed
	bullseye (security), bullseye	5.7.5+dfsg1-0+deb11u1	fixed
	bookworm, sid	6.0+dfsg1-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
wordpress	source	squeeze	3.6.1+dfsg-1~deb6u5	DLA-56-1
wordpress	source	wheezy	3.6.1+dfsg-1~deb7u4	DSA-3001-1
wordpress	source	(unstable)	3.9.2+dfsg-1		757312

https://core.trac.wordpress.org/changeset/29384