WordPress · Wordpress · CVE-2020-28035
Name of the Vulnerable Software and Affected Versions:
WordPress versions prior to 5.5.2
Description:
The issue is related to a lack of privilege management mechanism in the WordPress content management system. Exploitation of this issue can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause a denial of service. The estimated number of potentially affected devices worldwide is not specified.
Recommendations:
For versions prior to 5.5.2, update to version 5.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the XML-RPC functionality until a patch is applied.