EUVD-2020-20531

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-28040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. CVE-2020-28040 Note that Nessus relies on the presence of the package as...

DEBIAN-CVE-2020-28040

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image...

CVE-2020-28040

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image...

CVE-2020-28040

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image...

WordPress < 5.5.2 - Cross-Site Request Forgery (CSRF) to Change Theme Background

Description Erwan, a security researcher from the WPScan team, discovered and responsibly disclosed a Cross-Site Request Forgery CSRF vulnerability that could allow an unauthenticated attacker to change the background image of the theme. For a successful attack, a privileged authenticated WordPre...

PT-2020-5776 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.5.2 Description: The issue is related to insufficient mechanisms against cross-site request forgery CSRF in the WordPress content management system. This allows a remote attacker to exploit the weakness and impac...