vulnerability
Wordpress: CVE-2018-20153: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | 2018-12-14 | 2019-01-15 | 2024-11-27 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
2018-12-14
Added
2019-01-15
Modified
2024-11-27
Description
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
Solution(s)
wordpress-upgrade-4_9_9wordpress-upgrade-5_0_1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.