CVE-2016-6635 in WordPressinfo

Summary

Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

08/07/2016

Disclosure

08/07/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
90674	WordPress ajax-actions.php wp_ajax_wp_compression_test cross-site request forgery	352	Not defined	Official fix	CVE-2016-6635

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!