Lucene search

K
patchstackToshitsugu Yoneyama (Mitsui Bussan Secure Directions, Inc. via JPCERT)PATCHSTACK:E6EB4F9581026C3A22D6EE3944A34053
HistoryOct 18, 2022 - 12:00 a.m.

WordPress core <= 6.0.2 - Stored Cross-Site Scripting (XSS) vulnerability

2022-10-1800:00:00
Toshitsugu Yoneyama (Mitsui Bussan Secure Directions, Inc. via JPCERT)
patchstack.com
14

Stored Cross-Site Scripting (XSS) vulnerability via wp-mail.php discovered by Toshitsugu Yoneyama (Mitsui Bussan Secure Directions, Inc. via JPCERT) in WordPress core (versions <= 6.0.2)

Solution

           Update the WordPress to the latest available version (at least 6.0.3).
CPENameOperatorVersion
wordpressle6.0.2