Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:4768
HistoryJul 28, 2017 - 1:39 a.m.

Multiple Cross-Site Scripting (XSS)

2017-07-2801:39:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3

0.011 Low

EPSS

Percentile

84.8%

JSON

Wordpress is vulnerable to multiple cross-site scripting (XSS) attack. The attack is vulnerable because wp-includes/class-wp-theme.php does not filter the user-supplied web script or HTML through the (1) stylesheet name or (2) template name to wp-admin/customize.php.

Related

archlinux 1
cve 1
openvas 2
nessus 4
prion 1
cvelist 1
freebsd 1
wpvulndb 1
debian 2
wpexploit 1
osv 1
nvd 1
ubuntucve 1
checkpoint_advisories 1
patchstack 1
debiancve 1
archlinux
archlinux
wordpress: cross-side scripting
2016-01-09 00:00:00
cve
cve
CVE-2016-1564
2016-05-22 01:59:13
openvas
openvas
Debian: Security Advisory (DSA-3444-1)
2016-01-12 00:00:00
Debian Security Advisory DSA 3444-1 (wordpress - security update)
2016-01-13 00:00:00
nessus
nessus
WordPress < 4.4.1 XSS
2016-01-29 00:00:00
WordPress < 4.4.1 class-wp-theme.php XSS
2016-01-14 00:00:00
Debian DSA-3444-1 : wordpress - security update
2016-01-14 00:00:00
prion
prion
Cross site scripting
2016-05-22 01:59:00
cvelist
cvelist
CVE-2016-1564
2016-05-22 01:00:00
freebsd
freebsd
wordpress -- XSS vulnerability
2016-01-06 00:00:00
wpvulndb
wpvulndb
WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
2016-01-06 00:00:00
debian
debian
[SECURITY] [DSA 3444-1] wordpress security update
2016-01-13 21:53:46
[SECURITY] [DSA 3444-1] wordpress security update
2016-01-13 21:53:46
wpexploit
wpexploit
WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
2016-01-06 00:00:00
osv
osv
wordpress - security update
2016-01-13 00:00:00
nvd
nvd
CVE-2016-1564
2016-05-22 01:59:13
ubuntucve
ubuntucve
CVE-2016-1564
2016-05-22 00:00:00
checkpoint_advisories
checkpoint_advisories
WordPress Core Authenticated Cross-Site Scripting (CVE-2016-1564)
2016-07-25 00:00:00
patchstack
patchstack
WordPress <= 4.4.0 - Multiple XSS
2016-01-08 00:00:00
debiancve
debiancve
CVE-2016-1564
2016-05-22 01:59:13

0.011 Low

EPSS

Percentile

84.8%

JSON
Related for VERACODE:4768
archlinux1cve1openvas2nessus4prion1cvelist1freebsd1wpvulndb1debian2wpexploit1osv1nvd1ubuntucve1checkpoint_advisories1patchstack1debiancve1