6 matches found
WordPress 4.7.x < 4.7.3 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability exists in the wpplaylistshortcode function within the /wp-includes/media.php script due to a failure to validate input passed via...
Debian DSA-3815-1 : wordpress - security update
Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to delete unintended files, mount Cross-Site Scripting attacks, or bypass redirect URL validation mechanisms. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
[SECURITY] [DSA 3815-1] wordpress security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3815-1 [email protected] https://www.debian.org/security/ Sebastien Delafond March 23, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3815-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-6817
In WordPress before 4.7.3 wp-includes/embed.php, there is authenticated Cross-Site Scripting XSS in YouTube URL Embeds...
CVE-2017-6817
CVE-2017-6817 affects WordPress versions before 4.7.3, where authenticated XSS is possible via YouTube URL embeds in wp-includes/embed.php. The CVSS metrics in the record indicate a Medium severity (CVSS‑3 base 5.4). Remediation is to upgrade to WordPress 4.7.3 or later (as noted in the WordPress...