Vulnerability & Exploit Database

Displaying entries 1 - 10 of 357 in total

Results for: wordpress Back to search

Debian: CVE-2017-9061: wordpress - security update Vulnerability

  • Severity: 4
  • Published: May 17, 2017

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.

Debian: CVE-2017-9063: wordpress - security update Vulnerability

  • Severity: 4
  • Published: May 17, 2017

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

Debian: CVE-2017-9064: wordpress - security update Vulnerability

  • Severity: 7
  • Published: May 17, 2017

In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.