WordPress Vulnerabilities
WordPress < 5.4.2 - Authenticated XSS via Media Files
Description
Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
References
Classification
Miscellaneous
Timeline
Publicly Published
2020-06-11 (about 2 years ago)
Added
2020-06-11 (about 2 years ago)
Last Updated
2020-06-13 (about 2 years ago)