0.002 Low
EPSS
Percentile
54.8%
The vulnerability is in the XMLRPC subsystem, in wp-includes/class-wp-xmlrpc-server.php. It allows an authenticated user to bypass intended access restrictions via unspecified vectors.
Update WordPress.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5715