0.002 Low
EPSS
Percentile
53.1%
wordpress is vulnerable to privilege escalation. The attack is possible since it does not prevent the contributors from editing new comments made by users with higher privileges.
codex.wordpress.org/Version_4.9.9
wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords/