vulnerability
FreeBSD: VID-B180D1FB-DAC6-11E6-AE1B-002590263BF5 (CVE-2017-5492): wordpress -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jan 11, 2017 | Jan 15, 2017 | May 7, 2019 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jan 11, 2017
Added
Jan 15, 2017
Modified
May 7, 2019
Description
Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.
Solutions
freebsd-upgrade-package-de-wordpressfreebsd-upgrade-package-ja-wordpressfreebsd-upgrade-package-ru-wordpressfreebsd-upgrade-package-wordpressfreebsd-upgrade-package-zh-wordpress-zh_cnfreebsd-upgrade-package-zh-wordpress-zh_tw
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.