CyberSec.Space Logo
Back to CVE Browser

CVE-2020-28035

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile22.94th
PublishedNov 2, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.

Affected Platforms (CPE)

πŸ“¦
Wordpress

Wordpress

< 5.5.2
πŸ’»
Fedoraproject

Fedora

= 31
πŸ’»
Fedoraproject

Fedora

= 32
πŸ’»
Fedoraproject

Fedora

= 33
πŸ’»
Debian

Debian Linux

= 10.0

References & Advisories

πŸ”— https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html
πŸ”— https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/
πŸ”— https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/
πŸ”— https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/
πŸ”— https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
πŸ”— https://www.debian.org/security/2020/dsa-4784
πŸ”— https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html
πŸ”— https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/

Related Vulnerabilities

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...

CVE-2026-121886.3

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules...