Unrated severityNVD Advisory· Published Oct 31, 2020· Updated Aug 4, 2024
CVE-2020-28033
CVE-2020-28033
Description
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- WordPress/WordPressdescription
- osv-coords2 versions
< 5.5.2+ 1 more
- (no CPE)range: < 5.5.2
- (no CPE)range: < 5.5.2
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/mitrevendor-advisoryx_refsource_FEDORA
- www.debian.org/security/2020/dsa-4784mitrevendor-advisoryx_refsource_DEBIAN
- lists.debian.org/debian-lts-announce/2020/11/msg00004.htmlmitremailing-listx_refsource_MLIST
- wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.