WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Talk to sales
WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Talk to sales
WordPress Vulnerabilities
WordPress <= 4.2.3 - Nav Menu Title Cross-Site Scripting (XSS)
Affects WordPress
3.8.1
Fixed in version 3.8.10
3.8
Fixed in version 3.8.10
3.7.1
Fixed in version 3.7.10
3.9
Fixed in version 3.9.8
3.9.1
Fixed in version 3.9.8
3.7
Fixed in version 3.7.10
3.8.2
Fixed in version 3.8.10
3.8.3
Fixed in version 3.8.10
3.9.2
Fixed in version 3.9.8
4.0
Fixed in version 4.0.7
Show more
References
CVE
CVE-2015-5733
URL
https://core.trac.wordpress.org/changeset/33541
Classification
Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
Miscellaneous
Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
4df947ed-d886-4e99-bc8c-b5be1af9844f
Timeline
Publicly Published
2015-08-05
(about 7 years ago)
Added
2015-08-05
(about 7 years ago)
Last Updated
2019-10-22
(about 3 years ago)
Our Other Services
WPScan WordPress Security Plugin