WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter

Back

Product: WordPress
Description: WordPress versions 3.7-4.9.4 vulnerability due to "localhost" parameter. Don't treat localhost as same host by default.
Solution: Update WordPress to the latest available version (at least 4.9.5).
Classification: Type Unknown
References: Security release information
CVE: Name CVE-N/A
Versions: Affected In <=4.9.4
Fixed In 4.9.5
Disclosure date: 2018-04-05
Submitter: ThreatPress