| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-5611 | 7.5 |
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post typ
|
30-01-2021 - 02:37 | 30-01-2017 - 04:59 | |
| CVE-2017-5610 | 5.0 |
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
|
19-03-2019 - 14:37 | 30-01-2017 - 04:59 | |
| CVE-2017-5612 | 4.3 |
Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt.
|
19-03-2019 - 12:27 | 30-01-2017 - 04:59 |