ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 4.3.0 - BYPASS

Product
WordPress
Description
The vulnerability is in the XMLRPC subsystem, in wp-includes/class-wp-xmlrpc-server.php. It allows an authenticated user to bypass intended access restrictions via unspecified vectors.
Solution
Update WordPress.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-2015-5715
Versions
Affected In <= 4.3.0
Fixed In 4.3.1
Disclosure date
2015-08-02