vulnerability

Wordpress: CVE-2020-28032: Deserialization of Untrusted Data

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Nov 2, 2020
Added
Nov 11, 2020
Modified
Aug 11, 2025

Description

WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.

Solution

wordpress-upgrade-5_5_2

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today