Pentest Logo

Advisory

CVE-2020-4046

CVE ID – CVE-2020-4046

CVSS SCORE – 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

AFFECTED VENDORS – WordPress

AFFECTED PRODUCTS – Version 5.4 and earlier

VULNERABILITY DETAILS – an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor

ADVICE – Pentest recommend updating to version 5.4.2 to address the vulnerability

CREDIT – Sam Thomas 

Looking for more than just a test provider?

Get in touch with our team and find out how our tailored services can provide you with the information security confidence you need.