Lucene search
Veracode Vulnerability DatabaseVERACODE:28173HistoryDec 06, 2020 - 3:20 a.m.
Cross-Site Scripting (XSS)
2020-12-0603:20:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
wordpress
xss
vulnerability
post slugs
remote attacker
arbitrary javascript
browser
EPSS
0.024
Percentile
90.2%
WordPress is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript in a user’s browser via post slugs.
References
blog.ripstech.com
lists.debian.org/debian-lts-announce/2020/11/msg00004.html
lists.fedoraproject.org/archives/list/[email protected]/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/
lists.fedoraproject.org/archives/list/[email protected]/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/
lists.fedoraproject.org/archives/list/[email protected]/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/
security-tracker.debian.org/tracker/CVE-2020-28038
wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
www.debian.org/security/2020/dsa-4784
Related
osv
osv
BIT-wordpress-multisite-2020-28038
2024-03-06 11:11:18
CVE-2020-28038
2020-11-02 21:15:31
BIT-wordpress-2020-28038
2024-03-06 11:11:28
veracode
veracode
Cross-site Scripting (XSS)
2020-11-03 07:08:10
wpvulndb
wpvulndb
WordPress < 5.5.2 - Stored XSS in Post Slugs
2020-10-29 00:00:00
debiancve
debiancve
CVE-2020-28038
2020-11-02 21:15:31
ubuntucve
ubuntucve
CVE-2020-28038
2020-11-02 00:00:00
nvd
nvd
CVE-2020-28038
2020-11-02 21:15:31
cvelist
cvelist
CVE-2020-28038
2020-10-31 00:59:04
prion
prion
Cross site scripting
2020-11-02 21:15:00
patchstack
patchstack
cve
cve
CVE-2020-28038
2020-11-02 21:15:31
nessus
nessus
WordPress < 5.5.2 Multiple Vulnerabilities
2020-11-04 00:00:00
Fedora 31 : wordpress (2020-15e15c35da)
2020-11-12 00:00:00
Debian DLA-2429-1 : wordpress security update
2020-11-06 00:00:00
openvas
openvas
Fedora: Security Advisory for wordpress (FEDORA-2020-b386fac43a)
2020-11-11 00:00:00
Debian: Security Advisory (DSA-4784-1)
2020-11-07 00:00:00
Fedora: Security Advisory for wordpress (FEDORA-2020-15e15c35da)
2020-11-11 00:00:00
debian
debian
[SECURITY] [DLA 2429-1] wordpress security update
2020-11-03 07:19:50
[SECURITY] [DSA 4784-1] wordpress security update
2020-11-06 13:39:18
[SECURITY] [DSA 4784-1] wordpress security update
2020-11-06 13:39:18
fedora
fedora
[SECURITY] Fedora 33 Update: wordpress-5.5.3-1.fc33
2020-11-11 01:20:58
[SECURITY] Fedora 32 Update: wordpress-5.5.3-1.fc32
2020-11-11 01:21:28
[SECURITY] Fedora 31 Update: wordpress-5.5.3-1.fc31
2020-11-11 01:32:19
archlinux
archlinux
[ASA-202011-3] wordpress: multiple issues
2020-11-03 00:00:00