CVE-2016-5832 — Wordpress vulnerability

7 documents5 sources

Severity

7.5HIGHNVD

EPSS

2.6%

top 14.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress

Timeline

PublishedJun 29

Latest updateMay 17

Description

The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 4.5.3+dfsg-1 (bookworm)

▶Debianwordpress/wordpress< 4.5.3+dfsg-1+3

▶NVDwordpress/wordpress4.5.2

Patches

Patch: wordpress.org ↗Patch: wordpress.org ↗

🔴Vulnerability Details

GHSA

GHSA-893q-vmc7-qcvh: The customizer in WordPress before 4↗2022-05-17

▶

OSV

CVE-2016-5832: The customizer in WordPress before 4↗2016-06-29

▶

📋Vendor Advisories

Debian

CVE-2016-5832: wordpress - The customizer in WordPress before 4.5.3 allows remote attackers to bypass inten...↗2016

▶

💬Community

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release↗2016-06-23

▶

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release [fedora-all]↗2016-06-23

▶

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release [epel-all]↗2016-06-23

▶