Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2015-5733

Published: 09/11/2015 Updated: 21/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Wordpress

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress prior to 4.2.4 allows remote malicious users to inject arbitrary web script or HTML via an accessibility-helper title.

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress

Vendor Advisories

Debian CVElist Bug Report Logs: wordpress: CVE-2015-2213 CVE-2015-5730 CVE-2015-5731 CVE-2015-5732 CVE-2015-5733 CVE-2015-5734: 4.2.3 and earlier multiple vulnerabilities
Debian Bug report logs - #794560 wordpress: CVE-2015-2213 CVE-2015-5730 CVE-2015-5731 CVE-2015-5732 CVE-2015-5733 CVE-2015-5734: 423 and earlier multiple vulnerabilities Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: ...

Github Repositories

https://github.com/ftruncale/Codepath-Week-7

Project 7 - WordPress Pentesting Time spent: 4 hours spent in total Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress Pentesting Report Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds (CVE-2017-6817) Summary: Vulnerability types: XSS Tested in version: 42 Fixed in version: 4213 GIF Walk

https://github.com/yl4fq/network-sec

network-sec Project 7 - WordPress Pentesting Time spent: 5 hours spent in total Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress Pentesting Report (Required) Vulnerability Name or ID Summary: Authenticated Stored Cross Site Scripting Vulnerability types: XSS Tested in version: 42 Fixed in version: 423 GIF W

References

CWE-79https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/https://codex.wordpress.org/Version_4.2.4http://openwall.com/lists/oss-security/2015/08/04/7https://core.trac.wordpress.org/changeset/33540https://core.trac.wordpress.org/changeset/33541http://www.securityfocus.com/bid/76331https://wpvulndb.com/vulnerabilities/8132http://www.securitytracker.com/id/1033178https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794560https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook