There has been found an unpatched vulnerability (CVE-2018-1000773) in WordPress. The vulnerability is due to insufficient sanitization of user-supplied input submitted to the affected software. The vulnerability may allow an attacker to execute arbitrary code in target system. To exploit the vulnerability the attacker must have user-level access to the target system.
Affected versions:
WordPress 4.9.8 and earlier versions
Cisco's multivendor vulnerability alert can be read here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment