CVE-2016-7168

Name: Websites susceptible to CVE-2016-7168
Creator: WebTechSurvey

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.

We have discovered 375,376 live websites that are affected by CVE-2016-7168.

Run a Free Instant Scan

Affected Software


Product	WordPress
Category	Content Management System
Vulnerable Domains	375,376 live websites (4.63% of WordPress install base)
Vulnerable Versions	from 0 through 4.6.1
Vulnerable Versions Count	279 versions ( 42% of all versions)

Available Reports

Website List

Details

Published - Jan 5, 2017
Updated - Aug 6, 2024

CVE References

Website Distribution by Country

Number of websites using CVE-2016-7168

United States	55,582 websites

Italy	62,710 websites
Germany	28,058 websites
Russia	20,788 websites
Japan	20,600 websites
GB	19,994 websites
Poland	17,786 websites
France	15,324 websites
Netherlands	12,219 websites
Iran	8,584 websites

Website Distribution by TLD

Number of websites using CVE-2016-7168

.com	125,005 websites
.it	40,569 websites
.ru	17,433 websites
.pl	12,629 websites
.org	12,529 websites
.de	12,355 websites
.net	11,294 websites
.co.uk	10,839 websites
.nl	7,530 websites
.fr	5,720 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2016-7168

Top websites that are affected by CVE-2016-7168. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*****.com	United States	,**
************.org	United States	,**
********.eu	Austria	,**
********************.ru	Russia	,**
********************.com	Cyprus	,**
*****..ca	Canada	,**
**********.com	United States	,*
*****.com	Italy	,*
*********..za	South Africa	,*
**************.se	Sweden	,*