Lucene search
Veracode Vulnerability DatabaseVERACODE:4657HistoryJul 25, 2017 - 6:56 a.m.
Cross-Site Request Forgery(CSRF)
2017-07-2506:56:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.003
Percentile
70.0%
Wordpress is vulnerable to cross-site request forgery (CSRF) attacks. The attacks can be launched because wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php have flaws, allowing the widget-access action requests to be hijacked by the attackers.
Related
osv
osv
CVE-2017-5492
2017-01-15 02:59:03
wordpress - security update
2017-02-01 00:00:00
wordpress - security update
2017-02-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-01-15 02:59:00
cve
cve
CVE-2017-5492
2017-01-15 02:59:03
debiancve
debiancve
CVE-2017-5492
2017-01-15 02:59:03
wpvulndb
wpvulndb
WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
2017-01-11 00:00:00
ubuntucve
ubuntucve
CVE-2017-5492
2017-01-15 00:00:00
cvelist
cvelist
CVE-2017-5492
2017-01-15 02:00:00
nvd
nvd
CVE-2017-5492
2017-01-15 02:59:03
freebsd
freebsd
wordpress -- multiple vulnerabilities
2017-01-11 00:00:00
nessus
nessus
FreeBSD : wordpress -- multiple vulnerabilities (b180d1fb-dac6-11e6-ae1b-002590263bf5)
2017-01-16 00:00:00
WordPress < 4.7.1 Multiple Vulnerabilities
2017-01-17 00:00:00
WordPress 4.1.x < 4.1.14 Multiple Vulnerabilities
2018-11-05 00:00:00
openvas
openvas
WordPress < 4.7.1 Multiple Security Vulnerabilities - Windows
2017-01-20 00:00:00
WordPress < 4.7.1 Multiple Security Vulnerabilities - Linux
2017-01-20 00:00:00
Debian: Security Advisory (DLA-813-1)
2018-01-04 00:00:00
debian
debian
[SECURITY] [DLA 813-1] wordpress security update
2017-02-01 08:02:56
[SECURITY] [DSA 3779-1] wordpress security update
2017-02-01 14:30:41
[SECURITY] [DSA 3779-1] wordpress security update
2017-02-01 14:30:41
archlinux
archlinux
[ASA-201701-22] wordpress: multiple issues
2017-01-15 00:00:00