Site icon API Security Blog

WordPress 4.6.x < 4.6.24 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :

– A SQL injection vulnerability within the Link API.

– A Cross-Site Scripting (XSS) vulnerability on the Plugins screen.

– An output escaping issue within the_meta().

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More

Exit mobile version