Search for packages
| purl | pkg:alpm/archlinux/wordpress@4.7.3-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-e1ss-azne-d7ha | In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This. |
CVE-2017-6819
|
| VCID-jf98-kean-p3b3 | In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names. |
CVE-2017-6818
|
| VCID-qpsj-hsmm-6qa8 | security update |
CVE-2017-6816
|
| VCID-srjh-2qnk-e7c6 | security update |
CVE-2017-6817
|
| VCID-tf2u-dse2-mufb | security update |
CVE-2017-6814
|
| VCID-vywc-p4tw-8yd2 | security update |
CVE-2017-6815
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T18:27:12.982743+00:00 | Arch Linux Importer | Fixing | VCID-tf2u-dse2-mufb | https://security.archlinux.org/AVG-202 | 38.0.0 |
| 2026-04-01T18:27:12.959910+00:00 | Arch Linux Importer | Fixing | VCID-vywc-p4tw-8yd2 | https://security.archlinux.org/AVG-202 | 38.0.0 |
| 2026-04-01T18:27:12.935035+00:00 | Arch Linux Importer | Fixing | VCID-qpsj-hsmm-6qa8 | https://security.archlinux.org/AVG-202 | 38.0.0 |
| 2026-04-01T18:27:12.911525+00:00 | Arch Linux Importer | Fixing | VCID-srjh-2qnk-e7c6 | https://security.archlinux.org/AVG-202 | 38.0.0 |
| 2026-04-01T18:27:12.887391+00:00 | Arch Linux Importer | Fixing | VCID-jf98-kean-p3b3 | https://security.archlinux.org/AVG-202 | 38.0.0 |
| 2026-04-01T18:27:12.863799+00:00 | Arch Linux Importer | Fixing | VCID-e1ss-azne-d7ha | https://security.archlinux.org/AVG-202 | 38.0.0 |