Description
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
Remediation
References
Related Vulnerabilities
WordPress Plugin Facebook Button by BestWebSoft Cross-Site Scripting (2.33)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.24)
WordPress Plugin WP Fastest Cache Unspecified Vulnerability (0.8.8.5)
WordPress Plugin Under Construction Unspecified Vulnerability (3.85)
WordPress Plugin DM Albums 'album.php' Remote File Inclusion (1.9.2)