Lucene search

K
patchstackN/APATCHSTACK:193524FA1B446205D88A3F1580078D63
HistoryJun 23, 2016 - 12:00 a.m.

WordPress <= 4.5.2 - XSS #2

2016-06-2300:00:00
N/A
patchstack.com
8

0.007 Low

EPSS

Percentile

80.0%

WordPress 4.5.2 and previous versions are prone to a cross-site scripting vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php. It allows an attacker to inject arbitrary web script or HTML via a crafted attachment name.

Related: http://db.threatpress.com/sysadmin/vulnerabilities/834/

Solution

           Update WordPress. 
CPENameOperatorVersion
wordpressle4.5.2

0.007 Low

EPSS

Percentile

80.0%

Related for PATCHSTACK:193524FA1B446205D88A3F1580078D63