First published: Thu Jun 23 2022(Updated: )
A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Automattic Vaultpress | =1.8.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2017-20086 is classified as high.
CVE-2017-20086 affects an unknown part of VaultPress Plugin 1.8.4, leading to code injection.
Yes, CVE-2017-20086 can be exploited remotely.
The CWE ID associated with CVE-2017-20086 is CWE-94.
To fix CVE-2017-20086 in VaultPress Plugin 1.8.4, update to a version that addresses the vulnerability.