Lucene search
Veracode Vulnerability DatabaseVERACODE:27740HistoryNov 03, 2020 - 7:08 a.m.
Cross-site Scripting (XSS)
2020-11-0307:08:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
wordpress
vulnerability
cross-site scripting
injection
malicious script
EPSS
0.024
Percentile
90.2%
wordpress is vulnerable to cross-site scripting (XSS). The vulnerability exists because the attacker is able to inject malicious script via post slugs and get it executed when a user visits the page.
References
blog.ripstech.com
lists.debian.org/debian-lts-announce/2020/11/msg00004.html
lists.fedoraproject.org/archives/list/[email protected]/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/
lists.fedoraproject.org/archives/list/[email protected]/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/
lists.fedoraproject.org/archives/list/[email protected]/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/
wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
www.debian.org/security/2020/dsa-4784
Related
osv
osv
BIT-wordpress-multisite-2020-28038
2024-03-06 11:11:18
CVE-2020-28038
2020-11-02 21:15:31
BIT-wordpress-2020-28038
2024-03-06 11:11:28
wpvulndb
wpvulndb
WordPress < 5.5.2 - Stored XSS in Post Slugs
2020-10-29 00:00:00
debiancve
debiancve
CVE-2020-28038
2020-11-02 21:15:31
ubuntucve
ubuntucve
CVE-2020-28038
2020-11-02 00:00:00
nvd
nvd
CVE-2020-28038
2020-11-02 21:15:31
cvelist
cvelist
CVE-2020-28038
2020-10-31 00:59:04
prion
prion
Cross site scripting
2020-11-02 21:15:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-12-06 03:20:32
patchstack
patchstack
cve
cve
CVE-2020-28038
2020-11-02 21:15:31
nessus
nessus
WordPress < 5.5.2 Multiple Vulnerabilities
2020-11-04 00:00:00
Fedora 31 : wordpress (2020-15e15c35da)
2020-11-12 00:00:00
Debian DLA-2429-1 : wordpress security update
2020-11-06 00:00:00
debian
debian
[SECURITY] [DLA 2429-1] wordpress security update
2020-11-03 07:19:50
[SECURITY] [DSA 4784-1] wordpress security update
2020-11-06 13:39:18
[SECURITY] [DSA 4784-1] wordpress security update
2020-11-06 13:39:18
fedora
fedora
[SECURITY] Fedora 33 Update: wordpress-5.5.3-1.fc33
2020-11-11 01:20:58
[SECURITY] Fedora 32 Update: wordpress-5.5.3-1.fc32
2020-11-11 01:21:28
[SECURITY] Fedora 31 Update: wordpress-5.5.3-1.fc31
2020-11-11 01:32:19
openvas
openvas
Debian: Security Advisory (DSA-4784-1)
2020-11-07 00:00:00
Fedora: Security Advisory for wordpress (FEDORA-2020-b386fac43a)
2020-11-11 00:00:00
Fedora: Security Advisory for wordpress (FEDORA-2020-15e15c35da)
2020-11-11 00:00:00
archlinux
archlinux
[ASA-202011-3] wordpress: multiple issues
2020-11-03 00:00:00