wordpress -- multiple vulnerabilities
Jeremy Felt reports:
WordPress versions 4.6 and earlier are affected by two security
issues: a cross-site scripting vulnerability via image filename,
reported by SumOfPwn researcher Cengiz Han Sahin; and a path
traversal vulnerability in the upgrade package uploader, reported
by Dominik Schilling from the WordPress security team.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright