Vulnerability & Exploit Database

Back to search

FreeBSD: VID-A2589511-D6BA-11E7-88DD-00E04C1EA73D: wordpress -- multiple issues

Severity CVSS Published Added Modified
4 (AV:L/AC:M/Au:N/C:P/I:P/A:P) November 29, 2017 December 02, 2017 January 27, 2018


wordpress developers reports:

Use a properly generated hash for the newbloguser key instead of a determinate substring.

Add escaping to the language attributes used on html elements.

Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.

Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial