Medium severity6.1OSV Advisory· Published Jan 18, 2018· Updated Jun 17, 2026
CVE-2018-5776
CVE-2018-5776
Description
WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <4.9.2
Patches
Vulnerability mechanics
References
4- github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850nvdPatch
- codex.wordpress.org/Version_4.9.2nvdProductVendor Advisory
- wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/nvdRelease NotesVendor Advisory
- wpvulndb.com/vulnerabilities/9006nvdThird Party Advisory
News mentions
0No linked articles in our index yet.