Lucene search

K
prionPRIOn knowledge basePRION:CVE-2014-5240
HistoryAug 18, 2014 - 11:15 a.m.

Cross site scripting

2014-08-1811:15:00
PRIOn knowledge base
www.prio-n.com
5

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%

Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL.

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%