FS#53945 - [wordpress]WordPress Core <= 4.7.4 Potential Unauthorized Password Reset [CVE-2017-8295]
Attached to Project:
Community Packages
Opened by Filip Frackiewicz (notreallyhere) - Saturday, 06 May 2017, 11:17 GMT
Last edited by Alexander F. Rødseth (xyproto) - Sunday, 07 May 2017, 13:49 GMT
Opened by Filip Frackiewicz (notreallyhere) - Saturday, 06 May 2017, 11:17 GMT
Last edited by Alexander F. Rødseth (xyproto) - Sunday, 07 May 2017, 13:49 GMT
|
Details
Wordpress 4.7.4 has a vulnerability within its password
reset feature. You can read more about it here:
https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html http://seclists.org/bugtraq/2017/May/13 |
This task depends upon
Applying a patch. Hopefully upstream will fix this in a later release.