Lucene search

K
patchstackN/APATCHSTACK:32A0E8D66B9E8D860BE7ED0A19D88734
HistoryAug 14, 2014 - 12:00 a.m.

WordPress <= 3.9.1 - XSS

2014-08-1400:00:00
N/A
patchstack.com
4

0.001 Low

EPSS

Percentile

36.4%

This vulnerability is in the wp-includes/pluggable.php. It allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL.

Solution

           Update WordPress. 
CPENameOperatorVersion
wordpressle3.9.1

0.001 Low

EPSS

Percentile

36.4%

Related for PATCHSTACK:32A0E8D66B9E8D860BE7ED0A19D88734