Threat Encyclopedia



This indicates an attack attempt against a Directory Traversal vulnerability in WordPress
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests to Admin API. A remote attacker can exploit this to perform a denial of service attack on the service target via multiple crafted requests.

Affected Products

WordPress Project WordPress prior to 4.6


Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the latest patch from the vendor.

CVE References