WordPress <= 4.3.0 - BYPASS

2015-08-0200:00:00

N/A

patchstack.com

0.002 Low

EPSS

Percentile

54.8%

JSON

The vulnerability is in the XMLRPC subsystem, in wp-includes/class-wp-xmlrpc-server.php. It allows an authenticated user to bypass intended access restrictions via unspecified vectors.

Solution

           Update WordPress.

CPENameOperatorVersion
wordpressle4.3.0

CPE	Name	Operator	Version
	wordpress	le	4.3.0

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5715

0.002 Low

EPSS

Percentile

54.8%

JSON

Related for PATCHSTACK:1090D28EB1E7A0CDF2D5555DC5C88015