Reflected XSS in WordPress v5.5.1 and Lower

mblog.my October 31, 2020 Wordpress News Leave a comment 460 Views

[ad_1]

Exploitation Level: Medium: requires some level of social engineering

DREAD Score: 6.8

Vulnerability: Reflected XSS

Patched Version: 5.5.2

WordPress released version 5.5.2 yesterday, which fixed a reflected XSS vulnerability we reported earlier this year. The root cause of this issue is a bug in the way WordPress determines a user’s current page, and which may cause a few other problems as well.

Are You Affected?

This vulnerability is exploitable on every WordPress site and user account. For the exploit to be successful, the attacker must trick an unsuspecting user into clicking on a malicious…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by Coldfusion Hosting
© Copyright 2024, All Rights Reserved