← back
CVE-2017-14725

CVE-2017-14725

EPSS 2.1%
Vexday Risk Score
18Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 2.1%KEV nãoPoC Nuclei simMetasploit Patch referenciado
Lifecycle
23 Sep 2017Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.
Affected products
n/a · n/a