Lucene search
N/APATCHSTACK:193524FA1B446205D88A3F1580078D63HistoryJun 23, 2016 - 12:00 a.m.
WordPress <= 4.5.2 - XSS #2
2016-06-2300:00:00
N/A
patchstack.com
9
EPSS
0.007
Percentile
80.0%
WordPress 4.5.2 and previous versions are prone to a cross-site scripting vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php. It allows an attacker to inject arbitrary web script or HTML via a crafted attachment name.
Related: http://db.threatpress.com/sysadmin/vulnerabilities/834/
Solution
Update WordPress.
Related
cve
cve
CVE-2016-5833
2016-06-29 14:10:04
CVE-2016-5834
2016-06-29 14:10:05
nvd
nvd
CVE-2016-5834
2016-06-29 14:10:05
CVE-2016-5833
2016-06-29 14:10:04
cvelist
cvelist
CVE-2016-5833
2016-06-29 14:00:00
CVE-2016-5834
2016-06-29 14:00:00
debiancve
debiancve
CVE-2016-5833
2016-06-29 14:10:04
CVE-2016-5834
2016-06-29 14:10:05
ubuntucve
ubuntucve
CVE-2016-5833
2016-06-29 00:00:00
CVE-2016-5834
2016-06-29 00:00:00
wpvulndb
wpvulndb
WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
2016-06-21 00:00:00
prion
prion
Cross site scripting
2016-06-29 14:10:00
Cross site scripting
2016-06-29 14:10:00
fedora
fedora
[SECURITY] Fedora 22 Update: wordpress-4.5.3-1.fc22
2016-06-30 14:53:10
[SECURITY] Fedora 23 Update: wordpress-4.5.3-1.fc23
2016-06-30 19:54:36
[SECURITY] Fedora 24 Update: wordpress-4.5.3-1.fc24
2016-06-30 21:32:26
openvas
openvas
WordPress Multiple Vulnerabilities (Jul 2016) - Linux
2016-07-20 00:00:00
Fedora Update for wordpress FEDORA-2016-7db496f6f2
2016-07-02 00:00:00
WordPress Multiple Vulnerabilities (Jul 2016) - Windows
2016-07-20 00:00:00
freebsd
freebsd
wordpress -- multiple vulnerabilities
2016-06-18 00:00:00
nessus
nessus
WordPress < 4.5.3 Multiple Vulnerabilities
2016-06-24 00:00:00