Lucene search

Veracode Vulnerability DatabaseVERACODE:4856

HistoryAug 03, 2017 - 8:41 a.m.

Authorization Bypass

2017-08-0308:41:35

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.007

Percentile

79.6%

JSON

WordPress is vulnerable to authorization bypass. A malicious user can post without authorization through a spoofed email server with mail.example.com as the server name.

References

www.debian.org/security/2017/dsa-3779

www.openwall.com/lists/oss-security/2017/01/14/6

www.securityfocus.com/bid/95406

www.securitytracker.com/id/1037591

codex.wordpress.org/Version_4.7.1

github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a

github.com/WordPress/WordPress/commit/2d2f78d6402814f3dcab92e2517b354dd3aa0a45

wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/

wpvulndb.com/vulnerabilities/8719

EPSS

0.007

Percentile

79.6%

JSON

Related for VERACODE:4856