4.7.2

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-12	CVE-2017-6817	Cross-site Scripting vulnerability in Wordpress In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds. network wordpress debian CWE-79	3.5
2017-03-12	CVE-2017-6816	Incorrect Authorization vulnerability in Wordpress In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality. network low complexity wordpress debian CWE-863	5.5
2017-03-12	CVE-2017-6815	Improper Input Validation vulnerability in Wordpress In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation. network wordpress debian CWE-20	5.8
2017-03-12	CVE-2017-6814	Cross-site Scripting vulnerability in Wordpress In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. network wordpress debian CWE-79	3.5