CVE-2018-5776

CVE Database · CVE-2018-5776

· N/AModified

CVSS v3.1

N/A

EPSS

2.45%

Published

Jan 18, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (1)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).

Weaknesses (CWE)

CWE-79

Affected Products (1)

wordpress · wordpress (up to 4.9.2)vulnerable

References (8)

ProductVendor Advisory

Patch

Release NotesVendor Advisory

Third Party Advisory

ProductVendor Advisory