Medium severity6.1NVD Advisory· Published Mar 12, 2017· Updated Jun 17, 2026
CVE-2017-6818
CVE-2017-6818
Description
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*Range: <=4.7.2
Patches
Vulnerability mechanics
References
6- codex.wordpress.org/Version_4.7.3nvdPatchVendor Advisory
- github.com/WordPress/WordPress/commit/9092fd01e1f452f37c313d38b18f9fe6907541f9nvdIssue TrackingPatchThird Party Advisory
- wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/nvdPatchRelease NotesVendor Advisory
- wpvulndb.com/vulnerabilities/8769nvdPatchThird Party Advisory
- www.securityfocus.com/bid/96601nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037959nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.