logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

WordPress 5.5 Vulnerabilities

Version released on 2020-08-11

downloadDownload tardownloadDownload zip

2021-11-25

WordPress < 5.8 - Plugin Confusion

fixed in version 5.8

2021-11-10

WordPress < 5.8.2 - Expired DST Root CA X3 Certificate

fixed in version 5.5.7

2021-09-09

WordPress 5.4 to 5.8 - Lodash Library Update

fixed in version 5.5.6

2021-09-09

WordPress 5.4 to 5.8 - Authenticated XSS in Block Editor

fixed in version 5.5.6

2021-09-09

WordPress 5.4 to 5.8 - Data Exposure via REST API

fixed in version 5.5.6

2021-05-13

WordPress 3.7 to 5.7.1 - Object Injection in PHPMailer

fixed in version 5.5.5

2021-04-15

WordPress 4.7-5.7 - Authenticated Password Protected Pages Exposure

fixed in version 5.5.4

2020-10-29

WordPress < 5.5.2 - Hardening Deserialization Requests

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - Disable Spam Embeds from Disabled Sites on a Multisite Network

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - Cross-Site Scripting (XSS) via Global Variables

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - XML-RPC Privilege Escalation

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - Unauthenticated DoS Attack to RCE

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - Stored XSS in Post Slugs

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - Protected Meta That Could Lead to Arbitrary File Deletion

fixed in version 5.5.2

2020-10-29

WordPress < 5.5.2 - Cross-Site Request Forgery (CSRF) to Change Theme Background

fixed in version 5.5.2