CVE-2020-28036 log
| Source |
|
| Severity | High |
| Remote | Yes |
| Type | Privilege escalation |
| Description | wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1257 | wordpress | 5.5.1-1 | 5.5.3-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 03 Nov 2020 | ASA-202011-3 | AVG-1257 | wordpress | Critical | multiple issues |
| References |
|---|
https://github.com/WordPress/wordpress-develop/commit/c9e6b98968025b1629015998d12c3102165a7d32 |