vulnerability
FreeBSD: VID-14ea4458-e5cd-11e6-b56d-38d547003487 (CVE-2017-5610): wordpress -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Jan 29, 2017 | Jan 31, 2017 | Dec 10, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Jan 29, 2017
Added
Jan 31, 2017
Modified
Dec 10, 2025
Description
Aaron D. Campbell reports: WordPress versions 4.7.1 and earlier are affected by three security issues: The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. A cross-site scripting (XSS) vulnerability was discovered in the posts list table. An unauthenticated privilege escalation vulnerability was discovered in a REST API endpoint.
Solutions
freebsd-upgrade-package-wordpressfreebsd-upgrade-package-de-wordpressfreebsd-upgrade-package-ja-wordpressfreebsd-upgrade-package-ru-wordpressfreebsd-upgrade-package-zh-wordpress-zh_cnfreebsd-upgrade-package-zh-wordpress-zh_tw
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.