Synology-SA-19:34 WordPress

Publish Time: 2019-10-18 19:39:50 UTC+8

Last Updated: 2019-12-17 15:30:38 UTC+8

Severity
Important
Status
Resolved

Abstract

These vulnerabilities allow remote attackers to inject arbitrary web script or HTML, obtain sensitive information, or access intranet resources via a susceptible version of WordPress.

Affected Products

Product Severity Fixed Release Availability
WordPress Important Upgrade to 5.2.4-0153 or above.

Mitigation

None

Detail

Reserved

Reference

Revision

Revision Date Description
1 2019-10-18 Initial public release.
2 2019-12-17 Update for WordPress is now available in Affected Products.