1. Home
  2. CVEs with refmap.confirm==https://make.wordpress.org/core/2017/02/01/disclosure-of-additional-security-fix-in-wordpress-4-7-2/
Max CVSS 5.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-1001000 5.0
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a re
03-10-2019 - 00:03 03-04-2017 - 01:59
Back to Top Mark selected
Back to Top