Comments on: [CVE-2016-9263] XSF vulnerability in WordPress [UPDATED] /2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/?utm_source=rss&utm_medium=rss&utm_campaign=cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress Open mind Security and Crypto! Fri, 30 Jul 2021 20:07:09 +0000 hourly 1 https://wordpress.org/?v=6.0.11 By: Andy Thompson /2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/#comment-122 Fri, 13 Oct 2017 10:40:38 +0000 /?p=209#comment-122 In reply to Andy Thompson.

committed to master branch August 1st

]]> By: Andy Thompson /2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/#comment-121 Fri, 13 Oct 2017 10:39:18 +0000 /?p=209#comment-121 Sorry the link I gave wasn’t technically correct, it’s this commit in WordPress/WordPress master branch https://github.com/WordPress/WordPress/commit/7af3b927362c619752eedd3f9cf209cdaefa0eca

]]> By: Andy Thompson /2017/10/cve-2016-9263-unpatched-xsf-vulnerability-in-wordpress/#comment-120 Fri, 13 Oct 2017 10:11:07 +0000 /?p=209#comment-120 Does this satisfy your concern that Automattic is continuing to ignore the issue?

https://github.com/023yangbo/WordPress/pull/12 – merged Sep 3 and presumably will be in the WordPress 4.9 release.

]]>