EPSS
Percentile
97.5%
According to WordPress: “This release also includes a pair of security fixes that handle how comments are filtered and then stored in the database. With a maliciously crafted comment, a WordPress post was vulnerable to cross-site scripting.”
blog.ripstech.com/2019/wordpress-csrf-to-rce/
github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/