Lucene search

GoogleOSV:CVE-2017-5491

HistoryJan 15, 2017 - 2:59 a.m.

CVE-2017-5491

2017-01-1502:59:02

Google

osv.dev

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

79.6%

JSON

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

References

www.debian.org/security/2017/dsa-3779

www.openwall.com/lists/oss-security/2017/01/14/6

www.securityfocus.com/bid/95406

www.securitytracker.com/id/1037591

codex.wordpress.org/Version_4.7.1

github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a

wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/

wpvulndb.com/vulnerabilities/8719