4.3
CVSSv2

CVE-2020-28040

Published: 02/11/2020 Updated: 11/11/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

WordPress prior to 5.5.2 allows CSRF attacks that change a theme's background image.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wordpress wordpress

Vendor Advisories

WordPress before 552 allows CSRF attacks that change a theme's background image ...
Debian Bug report logs - #973562 wordpress: Wordpress 552 security release Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Craig Small <csmall@debianorg> Date: Sun, 1 Nov 2020 21:03:02 UTC Severity: importan ...
Several vulnerabilities were discovered in Wordpress, a web blogging tool They allowed remote attackers to run insecure deserialization, embed spam, perform various Cross-Site Scripting (XSS) or Cross-Site Request Forgery (CSRF) attacks, escalate privileges, run arbitrary code, and delete arbitrary files For the stable distribution (buster), thes ...
Arch Linux Security Advisory ASA-202011-3 ========================================= Severity: Critical Date : 2020-11-03 CVE-ID : CVE-2020-28032 CVE-2020-28033 CVE-2020-28034 CVE-2020-28035 CVE-2020-28036 CVE-2020-28037 CVE-2020-28038 CVE-2020-28039 CVE-2020-28040 Package : wordpress Type : multiple issues Remote : Yes ...

Github Repositories

NVD-NIST Parser is a parser service. It parses to NVD source and information to you about your product vulnerabilities.

NVD-NIST Parser NVD-NIST Parser is a parser service It parses to NVD source and information to you about your product vulnerabilities Get all affected vulnerabilities of your product Get vulnerabilitiy detail Simple usage: Now it service has only 2 endpoint One of provides to get all vulnerabilities of your product Request url : /api/GetAllVulnerabilities?vendorName=wor