AVG-1831 log
| Package | wordpress |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 5.7-1 |
| Fixed | 5.7.1-1 |
| Current | 6.7-1 [extra] |
| Ticket | None |
| Created | Fri Apr 16 11:20:35 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-29450 | Medium | Yes | Information disclosure | One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor... |
| CVE-2021-29447 | Medium | Yes | Xml external entity injection | A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XML external entity injection... |