CVE-2017-6816

In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality.

Published : 2017-03-12 01:59 Updated : 2019-10-03 00:03

5.5
CVSS Score More info
Score 5.5 / 10
5.5
Vendor Product Version URI
Wordpress Wordpress 4.7.2 cpe:/a:wordpress:wordpress:4.7.2
Debian Debian Linux 8.0 cpe:/o:debian:debian_linux:8.0
Debian Debian Linux 9.0 cpe:/o:debian:debian_linux:9.0
  1. Wordpress (1) Search CVE
    1. Wordpress (1) Search CVE
      1. 4.7.2
  2. Debian (1) Search CVE
    1. Debian Linux (2) Search CVE
      1. 8.0
      2. 9.0

CWE

ID Name Description Links
CWE-863 Incorrect Authorization The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. CVE

History of changes

Date Event
2019-10-03 00:03
2019-03-19 12:38
2017-11-04 01:29
2017-07-17 14:32
2017-03-12 01:59

New CVE