WordPress 5.8.x < 5.8.4 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored cross-site scripting XSS vulnerability exists via wpfilterglobalstylespost. - A prototype pollution exists via the Gutenberg wordpress/url package. Note that the...

UBUNTU-CVE-2021-39203

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

CVE-2021-39203 Private data disclosure/privilege escalation through the block editor in Wordpress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...

PT-2021-4498 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 5.8 beta 1 through 5.8 Description: The issue is related to improper handling of HTML input in the Custom HTML feature of the widgets editor, introduced in WordPress 5.8 beta 1. This leads to stored XSS in the custom HTML...