CVE Daily

CVE-2018-20153

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new co...

Medium CVSS 5.4

Overview

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.

CWE: CWE-79 Published: 2018-12-14T20:29:00.593
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.4 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags