6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.126 Low
EPSS
Percentile
95.4%
Samuel Sidler reports:
WordPress 4.3.1 is now available. This is a security
release for all previous versions and we strongly
encourage you to update your sites immediately.
WordPress versions 4.3 and earlier are vulnerable
to a cross-site scripting vulnerability when processing
shortcode tags (CVE-2015-5714). Reported by Shahar Tal
and Netanel Rubin of Check Point.
A separate cross-site scripting vulnerability was found
in the user list table. Reported by Ben Bidner of the
WordPress security team.
Finally, in certain cases, users without proper
permissions could publish private posts and make
them sticky (CVE-2015-5715). Reported by Shahar Tal
and Netanel Rubin of Check Point.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | wordpress | < 4.3.1,1 | UNKNOWN |
FreeBSD | any | noarch | de-wordpress | < 4.3.1 | UNKNOWN |
FreeBSD | any | noarch | ja-wordpress | < 4.3.1 | UNKNOWN |
FreeBSD | any | noarch | ru-wordpress | < 4.3.1 | UNKNOWN |
FreeBSD | any | noarch | zh-wordpress-zh_cn | < 4.3.1 | UNKNOWN |
FreeBSD | any | noarch | zh-wordpress-zh_tw | < 4.3.1 | UNKNOWN |
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.126 Low
EPSS
Percentile
95.4%