ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <= 4.5.2 - BYPASS #2

Product
WordPress
Description
This vulnerability allows an attacker to bypass intended password-change restrictions by leveraging knowledge of a cookie. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-2 http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-3
Solution
Upgrade WordPress.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-2016-5838
Versions
Affected In <= 4.5.2
Fixed In 4.5.3
Disclosure date
2016-06-23