Description

Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt.

Remediation

References

CVE-2017-5612

Related Vulnerabilities

TCExam Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2021-20113)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.8.3)

IBM RTC CVE-2017-1191 Vulnerability (CVE-2017-1191)

Python Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4944)

WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

Severity

Medium

Classification

CVE-2017-5612 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities