Lucene search
N/APATCHSTACK:3E6F013BD9A25ADD3239310DA626A0DAHistoryJan 08, 2016 - 12:00 a.m.
WordPress <= 4.4.0 - Multiple XSS
2016-01-0800:00:00
N/A
patchstack.com
4
0.011 Low
EPSS
Percentile
84.8%
Multiple cross site scripting vulnerabilities were found in wp-includes/class-wp-theme.php. These vulnerabilities allow the attackers to inject arbitrary web script or HTML via a 1. stylesheet name or 2. template name to wp-admin/customize.php.
Solution
Upgrade WordPress.
Related
archlinux
archlinux
wordpress: cross-side scripting
2016-01-09 00:00:00
cve
cve
CVE-2016-1564
2016-05-22 01:59:13
openvas
openvas
Debian: Security Advisory (DSA-3444-1)
2016-01-12 00:00:00
Debian Security Advisory DSA 3444-1 (wordpress - security update)
2016-01-13 00:00:00
nessus
nessus
WordPress < 4.4.1 XSS
2016-01-29 00:00:00
WordPress < 4.4.1 class-wp-theme.php XSS
2016-01-14 00:00:00
Debian DSA-3444-1 : wordpress - security update
2016-01-14 00:00:00
freebsd
freebsd
wordpress -- XSS vulnerability
2016-01-06 00:00:00
wpvulndb
wpvulndb
WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
2016-01-06 00:00:00
debian
debian
[SECURITY] [DSA 3444-1] wordpress security update
2016-01-13 21:53:46
[SECURITY] [DSA 3444-1] wordpress security update
2016-01-13 21:53:46
veracode
veracode
Multiple Cross-Site Scripting (XSS)
2017-07-28 01:39:11
prion
prion
Cross site scripting
2016-05-22 01:59:00
cvelist
cvelist
CVE-2016-1564
2016-05-22 01:00:00
wpexploit
wpexploit
WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
2016-01-06 00:00:00
osv
osv
wordpress - security update
2016-01-13 00:00:00
nvd
nvd
CVE-2016-1564
2016-05-22 01:59:13
ubuntucve
ubuntucve
CVE-2016-1564
2016-05-22 00:00:00
checkpoint_advisories
checkpoint_advisories
WordPress Core Authenticated Cross-Site Scripting (CVE-2016-1564)
2016-07-25 00:00:00
debiancve
debiancve
CVE-2016-1564
2016-05-22 01:59:13