WordPress Multiple Vulnerabilities
Release Date: 18 May 2023
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in Wordpress. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, spoofing, remote code execution, data manipulation and cross-site scripting on the targeted system.
Impact
- Remote Code Execution
- Cross-Site Scripting
- Elevation of Privilege
- Data Manipulation
- Spoofing
System / Technologies affected
- WordPress versions prior to 6.2.1
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fix issued by the vendor:
WordPress version 6.2.1
To get this version, update from the Dashboard > Updates menu in your site’s admin area or visit https://wordpress.org/download/release-archive/.
Vulnerability Identifier
- No CVE information is available
沒有留言:
發佈留言