Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2017-9065

Published: 18/05/2017 Updated: 15/03/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Wordpress

Vulnerability Summary

In WordPress prior to 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Debian CVElist Bug Report Logs: wordpress: Six security bugs in wordpress 4.7.4 and earlier
Debian Bug report logs - #862816 wordpress: Six security bugs in wordpress 474 and earlier Package: src:wordpress; Maintainer for src:wordpress is Craig Small <csmall@debianorg>; Reported by: Craig Small <csmall@debianorg> Date: Wed, 17 May 2017 11:57:06 UTC Severity: grave Tags: security, upstream Found in vers ...
Debian CVElist Bug Report Logs: wordpress: CVE-2017-8295
Debian Bug report logs - #862053 wordpress: CVE-2017-8295 Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 7 May 2017 19:57:02 UTC Severity: serious Tags: security, up ...
Debian Security Advisories: DSA-3870-1 wordpress -- security update
Several vulnerabilities were discovered in wordpress, a web blogging tool They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks For the stable distribution (jessie), these problems have been fixed in version 41+dfsg-1+deb8u14 For the upcoming stable (stretch) ...

References

CWE-20https://wordpress.org/news/2017/05/wordpress-4-7-5/https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4https://codex.wordpress.org/Version_4.7.5http://www.securityfocus.com/bid/98509http://www.securitytracker.com/id/1038520https://wpvulndb.com/vulnerabilities/8817http://www.debian.org/security/2017/dsa-3870https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862816https://www.debian.org/security/./dsa-3870
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook