5 matches found
CVE-2017-5612
Cross-site scripting XSS vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...
CVE-2017-5612
Cross-site scripting XSS vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...
CVE-2017-5612
Cross-site scripting XSS vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...
WordPress < 3.3.3 / 3.4.0 Multiple Vulnerabilities
According to its version number, the WordPress install hosted on the remote web server is affected by the following vulnerabilities : - A cross-site scripting flaw exists in the 'edit-tags.php' script where it does not validate the 'slug' parameter upon submission. This could allow a remote...
Information disclosure
wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft...