ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 4.5.2 - BYPASS #1

Product
WordPress
Description
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-1 http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-2 http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-3
Solution
Upgrade WordPress.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-2016-5839
Versions
Affected In <= 4.5.2
Fixed In 4.5.3
Disclosure date
2016-06-23