CVE-2017-9063

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

We have discovered 414,769 live websites that are affected by CVE-2017-9063.

Run a Free Instant Scan



Affected Software

Product  WordPress
Category Content Management System
Vulnerable Domains414,769 live websites (5.11% of WordPress install base)
Vulnerable Versions
  • from 0 through 4.7.5
Vulnerable Versions Count314 versions ( 47% of all versions)



Details

  • Published - May 18, 2017
  • Updated - Aug 5, 2024

Website Distribution by Country

Number of websites using CVE-2017-9063
United States65,035 websites


Italy65,100 websites
Germany31,120 websites
Japan23,970 websites
Russia22,790 websites
GB21,393 websites
Poland19,020 websites
France17,451 websites
Netherlands13,211 websites
Iran8,758 websites

Website Distribution by TLD

Number of websites using CVE-2017-9063
.com141,549 websites
.it42,136 websites
.ru19,092 websites
.org14,138 websites
.de14,116 websites
.pl13,515 websites
.net12,804 websites
.co.uk11,753 websites
.nl8,259 websites
.fr6,533 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2017-9063

Top websites that are affected by CVE-2017-9063. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*****.com United States*,***
************.org United States*,***
********.eu Austria*,***
********************.ru Russia*,***
********************.com Cyprus*,***
****************.com United States*,***
*******.**.ca Canada*,***
**********.com United States**,***
***************.org United States**,***
*****.com Italy**,***
See full domain list

FAQ

A total of 414,769 websites have been identified as vulnerable to CVE-2017-9063, based on global website indexing conducted by WebTechSurvey.
The WordPress is affected by the CVE-2017-9063 vulnerability.
WordPress versions up to and including 4.7.5 are vulnerable to CVE-2017-9063.