Synology-SA-19:41 WordPress

Publish Time: 2019-12-20 15:08:08 UTC+8

Last Updated: 2020-04-29 17:52:59 UTC+8

Severity: Moderate

Status: Resolved

Abstract

Multiple vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML or bypass security constraint via a susceptible version of WordPress.

Affected Products

Product	Severity	Fixed Release Availability
WordPress	Moderate	Upgrade to 5.3.2-0155 or above.

Mitigation

None

Detail

Reserved

Reference

WordPress Releases Security and Maintenance Updates
WordPress 5.3.1 Security and Maintenance Release

Revision

Revision	Date	Description
1	2019-12-20	Initial public release.
2	2020-04-29	Update for WordPress is now available in Affected Products.