Description

WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.

Remediation

References

CVE-2016-5837

Related Vulnerabilities

WordPress Plugin Verve Meta Boxes TimThumb Arbitrary File Upload (1.2.8)

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-21732)

OpenSSL Out-of-bounds Write Vulnerability (CVE-2023-6129)

Unfiltered header injection in Apache 1.3.34/2.0.57/2.2.1

Lighttpd Other Vulnerability (CVE-2007-1869)

Severity

High

Classification

CVE-2016-5837 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities