cpe:/a:wordpress:wordpress:4.8.2 CVE-2017-16510 2017-11-02T12:29:00.787-04:00 2018-02-03T21:29:14.100-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BID 101638 DEBIAN DSA-4090 MLIST [debian-lts-announce] 20171104 [SECURITY] [DLA 1160-1] wordpress security update MISC https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html MISC https://codex.wordpress.org/Version_4.8.3 MISC https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d MISC https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/ MISC https://wpvulndb.com/vulnerabilities/8941 WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.