CVE-2017-5491

Опубликовано: 15 янв. 2017

Источник: debian

Описание

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wordpress	fixed	4.7.1+dfsg-1		package

Примечания

https://www.openwall.com/lists/oss-security/2017/01/14/1
https://wpvulndb.com/vulnerabilities/8719
https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a

Связанные уязвимости

CVE-2017-5491

CVSS3: 5.3

ubuntu

больше 8 лет назад

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

CVE-2017-5491

CVSS3: 5.3

nvd

больше 8 лет назад

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

GHSA-pqh4-x29p-6xrc

CVSS3: 5.3

github

около 3 лет назад

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.