EPSS
Percentile
43.4%
Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
github.com/WordPress/wordpress-develop/security/advisories/GHSA-8q2w-5m27-wm27
wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/