Lucene search
Veracode Vulnerability DatabaseVERACODE:25186HistoryMay 06, 2020 - 4:26 a.m.
Cross-site Scripting (XSS)
2020-05-0604:26:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
EPSS
0.001
Percentile
33.1%
Wordpress is vulnerable to cross-site scripting (XSS). The RSS and search block of the block editor accepts an authenticated user-provided malicious data without proper handling, allowing an attacker to inject and execute arbitrary Javascript in a user’s browser.
Related
osv
osv
BIT-wordpress-multisite-2020-11030
2024-03-06 11:11:51
BIT-wordpress-2020-11030
2024-03-06 11:12:01
CVE-2020-11030
2020-04-30 23:15:11
nvd
nvd
CVE-2020-11030
2020-04-30 23:15:11
openvas
openvas
WordPress XSS Vulnerability (May 2020) - Linux
2020-05-05 00:00:00
WordPress XSS Vulnerability (May 2020) - Windows
2020-05-05 00:00:00
wpvulndb
wpvulndb
WordPress < 5.4.1 - Authenticated Cross-Site Scripting (XSS) in Search Block
2020-04-29 00:00:00
cve
cve
CVE-2020-11030
2020-04-30 23:15:11
cvelist
cvelist
CVE-2020-11030 Cross-site scripting (XSS) in Search block in WordPress
2020-04-30 22:15:14
prion
prion
Code injection
2020-04-30 23:15:00
debiancve
debiancve
CVE-2020-11030
2020-04-30 23:15:11
ubuntucve
ubuntucve
CVE-2020-11030
2020-04-30 00:00:00
debian
debian
[SECURITY] [DSA 4677-1] wordpress security update
2020-05-06 06:30:09
[SECURITY] [DSA 4677-1] wordpress security update
2020-05-06 06:30:09
nessus
nessus
Debian DSA-4677-1 : wordpress - security update
2020-05-07 00:00:00