WordPress <= 4.4.1 - XSS
- Product
- WordPress
- Description
- WordPress before 4.4.1 is prone to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary script or HTML in the network settings page.
- Solution
- Update WordPress to 4.5.
- Classification
-
Type XSS (Cross Site Scripting)
- References
-
CVE Mitre
SecurityFocus
- CVE
- Name CVE-2016-6634
- Versions
-
Affected In
<= 4.4.1
Fixed In 4.5 - Disclosure date
- 2016-04-12
- Credits
- Emanuel Bronshtein (@e3amn2l)