WordPress.Web.API.Endpoint.Privilege.Escalation
Description
This indicates an attack attempt to exploit a Privilege Escalation vulnerability in WordPress.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted "ID" parameter in HTTP requests. A remote attacker may be able to exploit this to escalate their privileges on vulnerable WordPress sites.
Affected Products
WordPress versions 4.7.1 and earlier versions
Impact
Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |