Описание
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | needed | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
10
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.1
nvd
больше 6 лет назад
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
CVSS3: 6.1
debian
больше 6 лет назад
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upl ...
CVSS3: 6.1
github
больше 3 лет назад
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
CVSS3: 6.1
fstec
больше 6 лет назад
Уязвимость функции wp_ajax_upload_attachment системы управления содержимым сайта WordPress, позволяющая нарушителю оказать воздействие на целостность данных
4.3 Medium
CVSS2
6.1 Medium
CVSS3