CVE-2017-6817

In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.

We have discovered 536,305 live websites that are affected by CVE-2017-6817.

Test my site



Affected Software

Product  WordPress
Category Content Management System
Vulnerable Domains536,305 live websites (5.82% of WordPress install base)
Vulnerable Versions
  • from 0 before 4.7.3
Vulnerable Versions Count593 versions ( 63.69% of all versions)



Details

  • Published - Mar 12, 2017
  • Updated - Aug 5, 2024

CVE-2017-6817 usage by Country

United States97,132 websites


Italy74,522 websites
Germany37,784 websites
Japan31,325 websites
Australia29,280 websites
GB26,182 websites
France24,104 websites
Russia22,437 websites
Poland19,871 websites
Netherlands18,418 websites

CVE-2017-6817 usage by TLD

.com187,473 websites
.it49,606 websites
.com.au20,930 websites
.ru19,749 websites
.org18,108 websites
.de17,726 websites
.net16,712 websites
.co.uk16,018 websites
.pl14,406 websites
.nl12,372 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2017-6817

Top websites that are affected by CVE-2017-6817. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*****.com United States*,***
****.***********.de Germany*,***
*************.com United States*,***
************.org United States*,***
********.eu Austria*,***
********************.ru Russia*,***
*******.**.ca Canada*,***
**********.com United States**,***
***************.org United States**,***
**************.********.com United States**,***
See full domain list

FAQ

A total of 536,305 websites have been identified as vulnerable to CVE-2017-6817, discovered through global website indexing conducted by WebTechSurvey.
WordPress is susceptible to CVE-2017-6817 vulnerability.
WordPress versions before 4.7.3 are vulnerable to CVE-2017-6817.
Version 4.7.3 of WordPress addresses the CVE-2017-6817 security vulnerability.