vulnerability

FreeBSD: VID-82752070-0349-11E7-B48D-00E04C1EA73D: wordpress -- multiple vulnerabilities

Try Surface Command
Back to search
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Mar 7, 2017
Added
Mar 9, 2017
Modified
Feb 19, 2025

Description




WordPress versions 4.7.2 and earlier are affected by six security issues.



Cross-site scripting (XSS) via media file metadata.


Control characters can trick redirect URL validation.


Unintended files can be deleted by administrators using the


plugin deletion functionality.


Cross-site scripting (XSS) via video URL in YouTube embeds.


Cross-site scripting (XSS) via taxonomy term names.


Cross-site request forgery (CSRF) in Press This leading to


excessive use of server resources.





Solution(s)

freebsd-upgrade-package-de-wordpressfreebsd-upgrade-package-ja-wordpressfreebsd-upgrade-package-ru-wordpressfreebsd-upgrade-package-wordpressfreebsd-upgrade-package-zh-wordpress-zh_cnfreebsd-upgrade-package-zh-wordpress-zh_tw

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today