CVE-2016-5839 — Wordpress vulnerability

7 documents5 sources

Severity

7.5HIGHNVD

EPSS

1.1%

top 21.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wordpress Debian Wordpress

Timeline

PublishedJun 29

Latest updateMay 17

Description

WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/wordpress< wordpress 4.5.3+dfsg-1 (bookworm)

▶Debianwordpress/wordpress< 4.5.3+dfsg-1+3

▶NVDwordpress/wordpress4.5.2

🔴Vulnerability Details

GHSA

GHSA-6jm4-p692-pwq2: WordPress before 4↗2022-05-17

▶

OSV

CVE-2016-5839: WordPress before 4↗2016-06-29

▶

📋Vendor Advisories

Debian

CVE-2016-5839: wordpress - WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name ...↗2016

▶

💬Community

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release↗2016-06-23

▶

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release [fedora-all]↗2016-06-23

▶

Bugzilla

CVE-2016-5832 CVE-2016-5833 CVE-2016-5834 CVE-2016-5835 CVE-2016-5836 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839 wordpress: 4.5.3 Security Release [epel-all]↗2016-06-23

▶