Published: 12/03/2017 Updated: 19/03/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

In WordPress prior to 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordpress wordpress

Debian Bug report logs - #857026 wordpress: 473 security release Package: src:wordpress; Maintainer for src:wordpress is Craig Small <csmall@debianorg>; Reported by: Craig Small <csmall@debianorg> Date: Tue, 7 Mar 2017 10:33:02 UTC Severity: grave Tags: security, upstream Found in version wordpress/472 Fixed ...

A cross-site scripting (XSS) vulnerability has been discovered in WordPress before 473 (wp-admin/js/tags-boxjs) via taxonomy term names ...

CWE-79 https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/https://github.com/WordPress/WordPress/commit/9092fd01e1f452f37c313d38b18f9fe6907541f9 https://codex.wordpress.org/Version_4.7.3 http://www.securityfocus.com/bid/96601 https://wpvulndb.com/vulnerabilities/8769 http://www.securitytracker.com/id/1037959 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857026 https://security.archlinux.org/CVE-2017-6818

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6818

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect