Mandriva Linux Security Advisory 2014-103 - Multiple vulnerabilities have been discovered and corrected in WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php. The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie. The updated packages have been patched to correct these issues.
773c10cb4bddf7528da15b0bd9bf90cf62273a774208b5c3484fe51844eb4a8e
Debian Linux Security Advisory 2901-3 - The update of wordpress in DSA-2901-2 introduced a wrong versioned dependency on libjs-cropper, making the package uninstallable in the oldstable distribution (squeeze). This update corrects that problem.
0a850496735e1273b3de80b8645aa4ce0b91fe70713d28fd59c990bb6585ba45
Debian Linux Security Advisory 2901-2 - The update for wordpress in DSA 2901 caused a regression in the Quick Drafts functionality. This update corrects that problem.
d2b698d3c0306b329f5d6fa12b5b30d81ec5aeefe5c0074149ffabaff5159725
Debian Linux Security Advisory 2901-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool.
f49d94dbeb8d28f68730205644c298480c65c8a691c0dcd80f4f52c994206a7a