Описание
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
Ссылки
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Patch
- Vendor Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.7 (включая)
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01622
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-1188
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 8 лет назад
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
CVSS3: 5.3
debian
больше 8 лет назад
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to ...
CVSS3: 5.3
github
около 3 лет назад
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
EPSS
Процентиль: 81%
0.01622
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-1188