Insecure Deserialization of untrusted data

Description Impact Unserialization of untrusted data. Patches The issue has been patched and users of Requests 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0. References Publications about the vulnerability:...

UBUNTU-CVE-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post...

Cross site request forgery (csrf)

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image...

WordPress Multiple Vulnerabilities (Oct 2020) - Linux

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

CVE-2020-28035

WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC...

WordPress Patches 3-Year-Old High-Severity RCE Bug

WordPress released a 5.5.2 update to its ubiquitous web publishing software platform. The update patches a high-severity bug, which could allow a remote unauthenticated attacker to take over a targeted website via a narrowly tailored denial-of-service attack. In all, the WordPress Security and...