Описание
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-20153
- https://codex.wordpress.org/Version_4.9.9
- https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html
- https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release
- https://wordpress.org/support/wordpress-version/version-5-0-1
- https://wpvulndb.com/vulnerabilities/9172
- https://www.debian.org/security/2019/dsa-4401
- https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords
- http://www.securityfocus.com/bid/106220
Связанные уязвимости
CVSS3: 5.4
ubuntu
около 7 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
CVSS3: 5.4
nvd
около 7 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
CVSS3: 5.4
debian
около 7 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could mod ...