WordPress Cross Site Scripting And Directory Traversal Vulnerabilities

Bugtraq ID: 92841
Class: Input Validation Error
CVE: CVE-2016-7168
CVE-2016-7169
Remote: Yes
Local: No
Published: Sep 07 2016 12:00AM
Updated: Oct 03 2016 12:03AM
Credit: SumOfPwn researcher Cengiz Han Sahin and Dominik Schilling of WordPress.
Vulnerable: WordPress WordPress 4.5.2
WordPress WordPress 4.5.1
WordPress WordPress 4.5
WordPress WordPress 4.4.1
WordPress WordPress 4.4
WordPress WordPress 4.2.4
WordPress WordPress 4.2.3
WordPress WordPress 4.2.2
WordPress WordPress 4.2.1
WordPress WordPress 4.1.2
WordPress WordPress 4.1.1
WordPress WordPress 4.1
WordPress WordPress 3.9.2
WordPress WordPress 3.9.1
WordPress WordPress 3.8.2
WordPress WordPress 3.8.1
WordPress WordPress 3.7.4
WordPress WordPress 3.7.1
WordPress WordPress 3.6.1
WordPress WordPress 3.5.2
WordPress WordPress 3.5.1
WordPress WordPress 3.3.2
WordPress WordPress 3.2.2
WordPress WordPress 3.1.4
WordPress WordPress 3.1.3
WordPress WordPress 3.1.2
WordPress WordPress 3.1.1
WordPress WordPress 3.0.5
WordPress WordPress 3.0.4
WordPress WordPress 3.0.3
WordPress WordPress 3.0.2
WordPress WordPress 2.9.2
WordPress WordPress 2.9.1
WordPress WordPress 2.8.6
WordPress WordPress 2.8.5
WordPress WordPress 2.8.4
WordPress WordPress 2.8.3
WordPress WordPress 2.8.2
WordPress WordPress 2.8.1
WordPress WordPress 2.6.5
WordPress WordPress 2.6.2
WordPress WordPress 2.6.1
WordPress WordPress 2.5.1
WordPress WordPress 2.3.3
WordPress WordPress 2.3.2
WordPress WordPress 2.3.1
WordPress WordPress 2.2.3
WordPress WordPress 2.2.2
WordPress WordPress 2.2.1
WordPress WordPress 2.1.3
WordPress WordPress 2.1.2
WordPress WordPress 2.1.1
WordPress WordPress 2.0.11
WordPress WordPress 2.0.10
WordPress WordPress 2.0.7
WordPress WordPress 2.0.6
WordPress WordPress 2.0.5
WordPress WordPress 2.0.4
WordPress WordPress 2.0.3
WordPress WordPress 2.0.2
WordPress WordPress 2.0.1
WordPress WordPress 2.0
WordPress WordPress 1.5.2
WordPress WordPress 1.5.1 .3
WordPress WordPress 1.5.1 .2
WordPress WordPress 1.5.1
WordPress WordPress 1.5
WordPress WordPress 1.3.1
WordPress WordPress 1.2.2
WordPress WordPress 1.2.1
+ Gentoo Linux
WordPress WordPress 1.2
+ Gentoo Linux 1.4
+ Gentoo Linux
WordPress WordPress 0.6.2
WordPress WordPress 4.6
WordPress WordPress 4.5.3
WordPress WordPress 4.4.2
WordPress WordPress 4.3.1
WordPress WordPress 4.3
WordPress WordPress 4.2
WordPress WordPress 4.0.1
WordPress WordPress 4.0
WordPress WordPress 3.9.3
WordPress WordPress 3.9
WordPress WordPress 3.8.5
WordPress WordPress 3.8.4
WordPress WordPress 3.8.3
WordPress WordPress 3.8
WordPress WordPress 3.7.5
WordPress WordPress 3.7
WordPress WordPress 3.6
WordPress WordPress 3.5
WordPress WordPress 3.4.2
WordPress WordPress 3.4.1
WordPress WordPress 3.4
WordPress WordPress 3.3.3
WordPress WordPress 3.3.1
WordPress WordPress 3.3
WordPress WordPress 3.2.1
WordPress WordPress 3.2
WordPress WordPress 3.1
WordPress WordPress 3.0.6
WordPress WordPress 3.0.1
WordPress WordPress 2.9.1.1
WordPress WordPress 2.9
WordPress WordPress 2.8.5.2
WordPress WordPress 2.8.5.1
WordPress WordPress 2.8
WordPress WordPress 2.7.1
WordPress WordPress 2.7
WordPress WordPress 2.6.3
WordPress WordPress 2.6
WordPress WordPress 2.5
WordPress WordPress 2.3
WordPress WordPress 2.2
WordPress WordPress 2.1
WordPress WordPress 2.0.9
WordPress WordPress 2.0.8
WordPress WordPress 1.6.2
WordPress WordPress 1.6
WordPress WordPress 1.5.1.1
WordPress WordPress 1.5
WordPress WordPress 1.4
WordPress WordPress 1.3.3
WordPress WordPress 1.3.2
WordPress WordPress 1.3
WordPress WordPress 1.2.5
WordPress WordPress 1.2.4
WordPress WordPress 1.2.3
WordPress WordPress 1.1.1
WordPress WordPress 1.0.2
WordPress WordPress 1.0.1
WordPress WordPress 0.72
WordPress WordPress 0.711
WordPress WordPress 0.71
WordPress WordPress 0.7
WordPress WordPress 0.6.2.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: WordPress WordPress 4.6.1


 

Privacy Statement
Copyright 2010, SecurityFocus