CVE-2016-5837 — Wordpress vulnerability

7 documents5 sources

Severity

7.5HIGHNVD

EPSS

0.8%

top 25.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress

Timeline

PublishedJun 29

Latest updateMay 17

Description

WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 4.5.3+dfsg-1 (bookworm)

▶Debianwordpress/wordpress< 4.5.3+dfsg-1+3

▶NVDwordpress/wordpress4.5.2

Patches

Patch: codex.wordpress.org ↗Patch: wordpress.org ↗Patch: codex.wordpress.org ↗

🔴Vulnerability Details

GHSA

GHSA-8688-jv8f-2mcf: WordPress before 4↗2022-05-17

▶

OSV

CVE-2016-5837: WordPress before 4↗2016-06-29

▶

📋Vendor Advisories

Debian

CVE-2016-5837: wordpress - WordPress before 4.5.3 allows remote attackers to bypass intended access restric...↗2016

▶

💬Community

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release↗2016-06-23

▶

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release [fedora-all]↗2016-06-23

▶

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release [epel-all]↗2016-06-23

▶