Описание
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-20153
- https://codex.wordpress.org/Version_4.9.9
- https://lists.debian.org/debian-lts-announce/2019/02/msg00019.html
- https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release
- https://wordpress.org/support/wordpress-version/version-5-0-1
- https://wpvulndb.com/vulnerabilities/9172
- https://www.debian.org/security/2019/dsa-4401
- https://www.zdnet.com/article/wordpress-plugs-bug-that-led-to-google-indexing-some-user-passwords
- http://www.securityfocus.com/bid/106220
Связанные уязвимости
CVSS3: 5.4
ubuntu
больше 6 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
CVSS3: 5.4
nvd
больше 6 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
CVSS3: 5.4
debian
больше 6 лет назад
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could mod ...