CVE-2017-5491 in WordPressinfo

Summary

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

Once again VulDB remains the best source for vulnerability data.

Reservation

01/14/2017

Disclosure

01/14/2017

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-254 (Confirmed)

Exploit

Download

CVSS

5.9

EPSS

0.01622

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-5491
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-5491
CVE Details	https://www.cvedetails.com/cve/CVE-2017-5491/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!