Skip Ribbon Commands
Skip to main content
Computer Security Incident Response Team of Mauritius (CERT-MU)
Computer Security Incident Response Team of Mauritius>CERT-MU Vulnerability Note VN-2017-22

CERT-MU Vulnerability Note VN-2017-22


Vulnerabilities in WordPress
Severity Rating: High
System Affected:  
 
  • Versions prior to WordPress 4.7.1
 
Description:
A cross-site request-forgery vulnerability and security-bypass vulnerability exist in WordPress.

An attacker can exploit these vulnerabilities by performing unauthorized actions in the context of a logged-in user of the affected application and also can bypass certain security restrictions to perform unauthorized actions.  Moreover, this may aid in other attacks. 

Source:
Solution
Users are advised to apply updates.
 
 
Vendor Information
WordPress
 
CVE Information
 
References
Security Focus
 
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis