EPSS
Percentile
41.0%
wordpress is vulnerable to bypass of MIME verification. The attack exists because it allows malicious file to trigger the bypass of MIME verification, which can also leads to cross-site scripting.
github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
wordpress.org/news/2018/12/wordpress-5-0-1-security-release/