Description
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
Remediation
References
Related Vulnerabilities
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.5)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6131)
WordPress Plugin AdPlugg WordPress Ad Cross-Site Scripting (1.1.33)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (4.0.2)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)