EPSS
Percentile
69.7%
This WordPress version does not prevent rendering for admin or login pages inside a frame in a third-party HTML document. It allows the attackers to conduct clickjacking attacks via a crafted web site.
Update WordPress.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3127