CVE-2016-7169

Name: Websites susceptible to CVE-2016-7169
Creator: WebTechSurvey

CVE-2016-7169

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

We have discovered 388,730 live websites that are affected by CVE-2016-7169.

Run a Free Instant Scan

Affected Software


Product	WordPress
Category	Content Management System
Vulnerable Domains	388,730 live websites (4.68% of WordPress install base)
Vulnerable Versions	from 0 through 4.6.1
Vulnerable Versions Count	279 versions ( 42% of all versions)

Available Reports

Website List

Details

Published - Jan 5, 2017
Updated - Aug 6, 2024

CVE References

Website Distribution by Country

Number of websites using CVE-2016-7169

United States	58,148 websites

Italy	64,986 websites
Germany	28,187 websites
Japan	22,579 websites
Russia	21,405 websites
GB	20,509 websites
Poland	17,959 websites
France	16,001 websites
Netherlands	13,411 websites
Iran	8,006 websites

Website Distribution by TLD

Number of websites using CVE-2016-7169

.com	129,344 websites
.it	42,109 websites
.ru	17,994 websites
.org	13,224 websites
.pl	12,761 websites
.de	12,661 websites
.net	12,033 websites
.co.uk	11,345 websites
.nl	8,513 websites
.fr	5,833 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2016-7169

Top websites that are affected by CVE-2016-7169. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*****.com	United States	,**
************.org	United States	,**
********.eu	Austria	,**
********************.ru	Russia	,**
********************.com	Cyprus	,**
*****..ca	Canada	,**
**********.com	United States	,*
*****.com	Italy	,*
*********..za	South Africa	,*
**************.se	Sweden	,*