Lucene search
DebianCVELIST:CVE-2016-1564HistoryMay 22, 2016 - 1:00 a.m.
CVE-2016-1564
2016-05-2201:00:00
debian
www.cve.org
0.011 Low
EPSS
Percentile
84.8%
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php.
References
twitter.com/brutelogic/statuses/685105483397619713
www.debian.org/security/2016/dsa-3444
www.openwall.com/lists/oss-security/2016/01/08/4
www.securitytracker.com/id/1034622
codex.wordpress.org/Version_4.4.1
core.trac.wordpress.org/changeset/36185
wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
wpvulndb.com/vulnerabilities/8358
Related
archlinux
archlinux
wordpress: cross-side scripting
2016-01-09 00:00:00
cve
cve
CVE-2016-1564
2016-05-22 01:59:13
openvas
openvas
Debian: Security Advisory (DSA-3444-1)
2016-01-12 00:00:00
Debian Security Advisory DSA 3444-1 (wordpress - security update)
2016-01-13 00:00:00
nessus
nessus
WordPress < 4.4.1 XSS
2016-01-29 00:00:00
WordPress < 4.4.1 class-wp-theme.php XSS
2016-01-14 00:00:00
Debian DSA-3444-1 : wordpress - security update
2016-01-14 00:00:00
veracode
veracode
Multiple Cross-Site Scripting (XSS)
2017-07-28 01:39:11
prion
prion
Cross site scripting
2016-05-22 01:59:00
freebsd
freebsd
wordpress -- XSS vulnerability
2016-01-06 00:00:00
wpvulndb
wpvulndb
WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
2016-01-06 00:00:00
debian
debian
[SECURITY] [DSA 3444-1] wordpress security update
2016-01-13 21:53:46
[SECURITY] [DSA 3444-1] wordpress security update
2016-01-13 21:53:46
wpexploit
wpexploit
WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
2016-01-06 00:00:00
osv
osv
wordpress - security update
2016-01-13 00:00:00
nvd
nvd
CVE-2016-1564
2016-05-22 01:59:13
ubuntucve
ubuntucve
CVE-2016-1564
2016-05-22 00:00:00
checkpoint_advisories
checkpoint_advisories
WordPress Core Authenticated Cross-Site Scripting (CVE-2016-1564)
2016-07-25 00:00:00
patchstack
patchstack
WordPress <= 4.4.0 - Multiple XSS
2016-01-08 00:00:00
debiancve
debiancve
CVE-2016-1564
2016-05-22 01:59:13