CVE-2017-5610
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
We have discovered 442,792 live websites that are affected by CVE-2017-5610.
Affected Software
| Product |  WordPress |
| Category | Content Management System |
| Vulnerable Domains | 442,792 live websites (5.40% of WordPress install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 768 versions ( 58% of all versions) |
Details
- Published - Jan 30, 2017
- Updated - Aug 5, 2024
CVE References
Website Distribution by Country
Number of websites using CVE-2017-5610 United States | 74,369 websites |
 Italy | 69,276 websites |
 Germany | 32,637 websites |
 Japan | 24,511 websites |
 GB | 23,149 websites |
 Russia | 22,394 websites |
 Poland | 20,990 websites |
 France | 18,996 websites |
 Iran | 13,027 websites |
 Netherlands | 12,629 websites |
Website Distribution by TLD
Number of websites using CVE-2017-5610| .com | 153,862 websites |
| .it | 45,478 websites |
| .ru | 18,594 websites |
| .org | 15,893 websites |
| .de | 15,757 websites |
| .pl | 15,066 websites |
| .net | 12,817 websites |
| .co.uk | 12,486 websites |
| .nl | 8,861 websites |
| .fr | 7,623 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2017-5610
Top websites that are affected by CVE-2017-5610. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.com | United States | *,*** | |
| ************.org | United States | *,*** | |
| ******.com | France | *,*** | |
| ***********.eu |  Cyprus | *,*** | |
| *******.org | United States | *,*** | |
| *********.io | Netherlands | *,*** | |
| ***********.com | United States | *,*** | |
| ********.com | United States | *,*** | |
| ********.org | United States | *,*** | |
| ********.eu |  Austria | *,*** |
References
- https://codex.wordpress.org/Version_4.7.2
- http://www.securityfocus.com/bid/95816
- http://www.debian.org/security/2017/dsa-3779
- http://www.openwall.com/lists/oss-security/2017/01/28/5
- https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
- https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
- https://wpvulndb.com/vulnerabilities/8729
- http://www.securitytracker.com/id/1037731