WordPress Prior to 4.7.2 Multiple Security Vulnerabilities
WordPress is prone to the following security vulnerabilities:
1. A security-bypass vulnerability
2. An SQL-injection vulnerability
3. A cross-site scripting vulnerability
Successful exploits could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database and bypass security restrictions and perform unauthorized actions.
Versions prior to WordPress 4.7.2 are vulnerable.