Description Vanilla 2.6.x before 2.6.4 allows remote code execution. Remediation References CVE-2018-18903 Related Vulnerabilities WordPress Plugin Under Construction Unspecified Vulnerability (3.85) PHP Double Free Vulnerability (CVE-2016-3132) Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-28683) IBM WebSEAL CVE-2018-1850 Vulnerability (CVE-2018-1850) WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.16) Severity Critical Classification CVE-2018-18903 CWE-94 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities