WordPress Cross-Site Scripting Vulnerability

Last Update Date: 5 May 2015 Release Date: 28 Apr 2015 3561 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability was identified in WordPress. A remote user can conduct cross-site scripting attacks.

 

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the WordPress software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

 

NOTE: Vulnerability Has No Patch Available

NOTE: A Proof Of Concept Exploit Code Is Publicly Available

Impact

  • Cross-Site Scripting
  • Remote Code Execution
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • 4.1.1, 4.1.2, and 4.2 (and prior)

Solutions

NOTE: Vulnerability Has No Patch Available

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Clam AntiVirus Multiple Vulnerabilities

5 May 2015 3636 Views

Next

Apple OS X Multiple Vulnerabilities

28 Apr 2015 3678 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY