3 matches found
WordPress XSS Vulnerability (May 2020) - Linux
WordPress is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...
CVE-2020-11025
In affected versions of WordPress, a cross-site scripting XSS vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a min...
CVE-2020-11025
Summary of CVE-2020-11025 : In affected WordPress versions, there is an authenticated XSS vulnerability in the Customizer navigation section that allows JavaScript execution. The issue is due to improper input handling in the navigation UI and requires an authenticated user to exploit. It has bee...