WEB APPLICATION VULNERABILITIES Standard & Premium

WordPress Improper Input Validation Vulnerability (CVE-2017-9065)

Description

In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.

Remediation

References

Related Vulnerabilities

WordPress Plugin LearnPress-WordPress LMS Multiple Vulnerabilities (4.1.7.3.2)

Apache 2.x version older than 2.0.43

MongoDb Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-20924)

WordPress Plugin Simple Giveaways-Grow your business, email lists and traffic with contests Security Bypass (2.17.3)

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-2983)

Severity

High

Classification

CVE-2017-9065 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities