CVE-2017-14725 Information
Share on:
Feb 14, 2021
cve
Description
Before version 4.8.2 WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Reference
http://www.securityfocus.com/bid/100912 http://www.securitytracker.com/id/1039553 https://core.trac.wordpress.org/changeset/41398 https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/ https://wpvulndb.com/vulnerabilities/8910 https://www.debian.org/security/2017/dsa-3997
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
5.4