CVE-2020-28039

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.5.2

Description: The issue is related to the is protected meta function in the wp-includes/meta.php component of the WordPress content management system. This function incorrectly determines the protection status of a meta key. Exploitation of this issue can allow a remote attacker to compromise data integrity and cause a denial of service. The vulnerability can lead to arbitrary file deletion because it does not properly determine whether a meta key is considered protected.

Recommendations: For versions prior to 5.5.2, update to version 5.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the is protected meta function in wp-includes/meta.php to minimize the risk of exploitation.