Description
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
Remediation
References
Related Vulnerabilities
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)
Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-41164)
WordPress Plugin Simple Share Buttons Adder Multiple Vulnerabilities (4.4)
WordPress Plugin Email Log Cross-Site Scripting (2.4.7)
WordPress Plugin Extra User Details Privilege Escalation (0.4.2)