4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
74.0%
Gary Pendergast reports:
WordPress versions 4.2.2 and earlier are affected by a
cross-site scripting vulnerability, which could allow users with the
Contributor or Author role to compromise a site. This was reported by
Jon Cave and fixed by Robert Chapin, both of the WordPress security
team.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | wordpress | < 4.2.3,1 | UNKNOWN |
FreeBSD | any | noarch | de-wordpress | < 4.2.3 | UNKNOWN |
FreeBSD | any | noarch | ja-wordpress | < 4.2.3 | UNKNOWN |
FreeBSD | any | noarch | ru-wordpress | < 4.2.3 | UNKNOWN |
FreeBSD | any | noarch | zh-wordpress-zh_cn | < 4.2.3 | UNKNOWN |
FreeBSD | any | noarch | zh-wordpress-zh_tw | < 4.2.3 | UNKNOWN |