WordPress Vulnerabilities

WordPress < 5.5.2 - XML-RPC Privilege Escalation

Description

The release notes state:

"Thanks to Justin Tran who reported an issue surrounding privilege escalation in XML-RPC. He also found and disclosed an issue around privilege escalation around post commenting via XML-RPC."

Affects WordPress

5.5.1
Fixed in WordPress 5.5.2
5.5
Fixed in WordPress 5.5.2

References

CVE
CVE-2020-28035
CVE
CVE-2020-28036
URL
https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
URL
https://github.com/WordPress/wordpress-develop/commit/c9e6b98968025b1629015998d12c3102165a7d32
URL
https://blog.wpscan.com/2020/10/30/wordpress-5.5.2-security-release.html

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
Justin Tran
Verified
No
WPVDB ID
76a05ec0-08f3-459f-8379-3b4865a0813f

Timeline

Publicly Published
2020-10-29 (about 3 years ago)
Added
2020-10-29 (about 3 years ago)
Last Updated
2020-11-01 (about 3 years ago)

Other

Published
Title
Published
2023-05-11
Title
Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation
Published
2016-06-06
Title
OneLogin SAML SSO < 2.2.0 - Provisioned User Hardcoded Password
Published
2020-05-28
Title
bbPress 2.6-2.6.5 - Authenticated Privilege Escalation via the Super Moderator feature
Published
2023-12-26
Title
ARMember < 4.0.11 - Subscriber+ Privilege Escalation
Published
2023-03-06
Title
Multiple e-plugins - Subscriber+ Privilege Escalation