4 matches found
WordPress XSS Vulnerability (May 2020) - Windows
WordPress is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...
WordPress XSS Vulnerability (May 2020) - Linux
WordPress is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...
CVE-2020-11030
In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously...
CVE-2020-11030
CVE-2020-11030 affects WordPress blocks/search handling. A crafted payload can cause scripts to run within the block editor search block when an authenticated user with content-adding rights is present. The vulnerability is mitigated by upgrading to WordPress 5.4.1 or applying the listed minor re...