2 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.5, a cross-site scripting XSS vulnerability related to the Customizer exists, involving an invalid customization session. CVE-2017-9063...
DEBIAN-CVE-2017-9064
In WordPress before 4.7.5, a Cross Site Request Forgery CSRF vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials...